diff --git a/web/api/v1/add/cron/autoupdate/index.php b/web/api/v1/add/cron/autoupdate/index.php new file mode 100644 index 000000000..843dc71a0 --- /dev/null +++ b/web/api/v1/add/cron/autoupdate/index.php @@ -0,0 +1,27 @@ + $message, + 'error' => $error, +); + +print json_encode($result); diff --git a/web/api/v1/add/cron/index.php b/web/api/v1/add/cron/index.php new file mode 100644 index 000000000..f9407df92 --- /dev/null +++ b/web/api/v1/add/cron/index.php @@ -0,0 +1,72 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Protect input + $v_min = escapeshellarg($_POST['v_min']); + $v_hour = escapeshellarg($_POST['v_hour']); + $v_day = escapeshellarg($_POST['v_day']); + $v_month = escapeshellarg($_POST['v_month']); + $v_wday = escapeshellarg($_POST['v_wday']); + $v_cmd = escapeshellarg($_POST['v_cmd']); + + // Add cron job + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-cron-job ".$user." ".$v_min." ".$v_hour." ".$v_day." ".$v_month." ".$v_wday." ".$v_cmd, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('CRON_CREATED_OK'); + unset($v_min); + unset($v_hour); + unset($v_day); + unset($v_month); + unset($v_wday); + unset($v_cmd); + unset($output); + } +} + +$result = array( + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/add/cron/reports/index.php b/web/api/v1/add/cron/reports/index.php new file mode 100644 index 000000000..b4ada7cad --- /dev/null +++ b/web/api/v1/add/cron/reports/index.php @@ -0,0 +1,25 @@ + $message, + 'error' => $error +); + +print json_encode($result); 
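Review bot: In the `exec` call for `v-add-cron-job` in `add/cron/index.php`, `$user` is concatenated into the command line as-is, while every other argument goes through `escapeshellarg()` in the "Protect input" block just above. Where `$user` is assigned is not visible in this hunk, so confirm it is already shell-quoted at that point. If it is not, quote it at the call site, e.g. `$v_user = escapeshellarg($user);`, and use `$v_user` in the command string. The same unquoted `$user` appears in the `exec` calls of the db, dns and mail files in this commit.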
diff --git a/web/api/v1/add/db/index.php b/web/api/v1/add/db/index.php
new file mode 100644
index 000000000..e633d6b97
--- /dev/null
+++ b/web/api/v1/add/db/index.php
@@ -0,0 +1,143 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Validate email + if ((!empty($_POST['v_db_email'])) && (empty($_SESSION['error_msg']))) { + if (!filter_var($_POST['v_db_email'], FILTER_VALIDATE_EMAIL)) { + $_SESSION['error_msg'] = __('Please enter valid email address.'); + } + } + + // Check password length + if (empty($_SESSION['error_msg'])) { + $pw_len = strlen($_POST['v_password']); + if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg); + } + + // Protect input + $v_database = escapeshellarg($_POST['v_database']); + $v_dbuser = escapeshellarg($_POST['v_dbuser']); + $v_type = $_POST['v_type']; + $v_charset = $_POST['v_charset']; + $v_host = $_POST['v_host']; + $v_db_email = $_POST['v_db_email']; + + // Add database + if (empty($_SESSION['error_msg'])) { + $v_type = escapeshellarg($_POST['v_type']); + $v_charset = escapeshellarg($_POST['v_charset']); + $v_host = escapeshellarg($_POST['v_host']); + $v_password = tempnam("/tmp","vst"); + $fp = fopen($v_password, "w"); + fwrite($fp, $_POST['v_password']."\n"); + fclose($fp); + exec (VESTA_CMD."v-add-database ".$user." ".$v_database." ".$v_dbuser." ".$v_password." ".$v_type." ".$v_host." ".$v_charset, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + unlink($v_password); + $v_password = escapeshellarg($_POST['v_password']); + $v_type = $_POST['v_type']; + $v_host = $_POST['v_host']; + $v_charset = $_POST['v_charset']; + } + + // Get database manager url + if (empty($_SESSION['error_msg'])) { + list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"] . 
":"); + if ($_POST['v_host'] != 'localhost' ) $http_host = $_POST['v_host']; + if ($_POST['v_type'] == 'mysql') $db_admin = "phpMyAdmin"; + if ($_POST['v_type'] == 'mysql') $db_admin_link = "http://".$http_host."/phpmyadmin/"; + if (($_POST['v_type'] == 'mysql') && (!empty($_SESSION['DB_PMA_URL']))) $db_admin_link = $_SESSION['DB_PMA_URL']; + if ($_POST['v_type'] == 'pgsql') $db_admin = "phpPgAdmin"; + if ($_POST['v_type'] == 'pgsql') $db_admin_link = "http://".$http_host."/phppgadmin/"; + if (($_POST['v_type'] == 'pgsql') && (!empty($_SESSION['DB_PGA_URL']))) $db_admin_link = $_SESSION['DB_PGA_URL']; + } + + // Email login credentials + if ((!empty($v_db_email)) && (empty($_SESSION['error_msg']))) { + $to = $v_db_email; + $subject = __("Database Credentials"); + $hostname = exec('hostname'); + $from = __('MAIL_FROM',$hostname); + $mailtext = __('DATABASE_READY',$user."_".$_POST['v_database'],$user."_".$_POST['v_dbuser'],$_POST['v_password'],$db_admin_link); + send_email($to, $subject, $mailtext, $from); + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('DATABASE_CREATED_OK',htmlentities($user)."_".htmlentities($_POST['v_database']),htmlentities($user)."_".htmlentities($_POST['v_database'])); + $_SESSION['ok_msg'] .= " / " . __('open %s',$db_admin) . 
""; + unset($v_database); + unset($v_dbuser); + unset($v_password); + unset($v_type); + unset($v_charset); + } +} + +// Get user email +$v_db_email = $panel[$user]['CONTACT']; + +// List avaiable database types +$db_types = explode(',', $_SESSION['DB_SYSTEM']); + +// List available database servers +exec (VESTA_CMD."v-list-database-hosts json", $output, $return_var); +$db_hosts_tmp1 = json_decode(implode('', $output), true); +$db_hosts_tmp2 = array_map(function($host){return $host['HOST'];}, $db_hosts_tmp1); +$db_hosts = array_values(array_unique($db_hosts_tmp2)); +unset($output); +unset($db_hosts_tmp1); +unset($db_hosts_tmp2); + +$prefixI18N = __('Prefix will be automaticaly added to database name and database user', "".$_SESSION['user']."_"); +$maxCharLength = __('maximum characters length, including prefix', 16); + +$result = array( + 'dbHosts' => $db_hosts, + 'dbTypes' => $db_types, + 'user' => $_SESSION['user'], + 'prefixI18N' => $prefixI18N, + 'maxCharLength' => $maxCharLength, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/add/dns/index.php b/web/api/v1/add/dns/index.php new file mode 100644 index 000000000..bb39939bc --- /dev/null +++ b/web/api/v1/add/dns/index.php 
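Review bot: The fallback `$db_admin_link` in the "Get database manager url" block is built from `$_SERVER["HTTP_HOST"]`, which the client controls, and that link is then sent in the `DATABASE_READY` mail together with the plaintext `$_POST['v_password']`. A forged Host header would place an arbitrary host in a credentials mail, so the fallback host should come from server-side configuration, for instance the `exec('hostname')` value this file already uses for the sender. `$db_admin` and `$db_admin_link` are also never assigned when `v_type` is neither `mysql` nor `pgsql`, yet both are used afterwards in the mail and in `ok_msg`. An explicit default, or an error for unknown types, would avoid the undefined variables.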
@@ -0,0 +1,188 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Protect input + $v_domain = preg_replace("/^www./i", "", $_POST['v_domain']); + $v_domain = escapeshellarg($v_domain); + $v_domain = strtolower($v_domain); + $v_ip = escapeshellarg($_POST['v_ip']); + $v_ns1 = escapeshellarg($_POST['v_ns1']); + $v_ns2 = escapeshellarg($_POST['v_ns2']); + $v_ns3 = escapeshellarg($_POST['v_ns3']); + $v_ns4 = escapeshellarg($_POST['v_ns4']); + $v_ns5 = escapeshellarg($_POST['v_ns5']); + $v_ns6 = escapeshellarg($_POST['v_ns6']); + $v_ns7 = escapeshellarg($_POST['v_ns7']); + $v_ns8 = escapeshellarg($_POST['v_ns8']); + + // Add dns domain + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_ip." ".$v_ns1." ".$v_ns2." ".$v_ns3." ".$v_ns4." ".$v_ns5." ".$v_ns6." ".$v_ns7." ".$v_ns8." no", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + + // Set expiriation date + if (empty($_SESSION['error_msg'])) { + if ((!empty($_POST['v_exp'])) && ($_POST['v_exp'] != date('Y-m-d', strtotime('+1 year')))) { + $v_exp = escapeshellarg($_POST['v_exp']); + exec (VESTA_CMD."v-change-dns-domain-exp ".$user." ".$v_domain." ".$v_exp." no", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + } + + // Set ttl + if (empty($_SESSION['error_msg'])) { + if ((!empty($_POST['v_ttl'])) && ($_POST['v_ttl'] != '14400') && (empty($_SESSION['error_msg']))) { + $v_ttl = escapeshellarg($_POST['v_ttl']); + exec (VESTA_CMD."v-change-dns-domain-ttl ".$user." ".$v_domain." ".$v_ttl." 
no", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + } + + // Restart dns server + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-restart-dns", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('DNS_DOMAIN_CREATED_OK',htmlentities($_POST[v_domain]),htmlentities($_POST[v_domain])); + unset($v_domain); + } +} + + +// Check POST request for dns record +if (!empty($_POST['ok_rec'])) { + + // Check token + if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) { + header('location: /login/'); + exit(); + } + + // Check empty fields + if (empty($_POST['v_domain'])) $errors[] = 'domain'; + if (empty($_POST['v_rec'])) $errors[] = 'record'; + if (empty($_POST['v_type'])) $errors[] = 'type'; + if (empty($_POST['v_val'])) $errors[] = 'value'; + if (!empty($errors[0])) { + foreach ($errors as $i => $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Protect input + $v_domain = escapeshellarg($_POST['v_domain']); + $v_rec = escapeshellarg($_POST['v_rec']); + $v_type = escapeshellarg($_POST['v_type']); + $v_val = escapeshellarg($_POST['v_val']); + $v_priority = escapeshellarg($_POST['v_priority']); + + // Add dns record + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-dns-record ".$user." ".$v_domain." ".$v_rec." ".$v_type." ".$v_val." 
".$v_priority, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_type = $_POST['v_type']; + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('DNS_RECORD_CREATED_OK',htmlentities($_POST[v_rec]),htmlentities($_POST[v_domain])); + unset($v_domain); + unset($v_rec); + unset($v_val); + unset($v_priority); + } +} + + +$v_ns1 = str_replace("'", "", $v_ns1); +$v_ns2 = str_replace("'", "", $v_ns2); +$v_ns3 = str_replace("'", "", $v_ns3); +$v_ns4 = str_replace("'", "", $v_ns4); +$v_ns5 = str_replace("'", "", $v_ns5); +$v_ns6 = str_replace("'", "", $v_ns6); +$v_ns7 = str_replace("'", "", $v_ns7); +$v_ns8 = str_replace("'", "", $v_ns8); + + +if (empty($_GET['domain'])) { + // Display body for dns domain + + if (empty($v_ttl)) $v_ttl = 14400; + if (empty($v_exp)) $v_exp = date('Y-m-d', strtotime('+1 year')); + if (empty($v_ns1)) { + exec (VESTA_CMD."v-list-user-ns ".$user." json", $output, $return_var); + $nameservers = json_decode(implode('', $output), true); + $v_ns1 = str_replace("'", "", $nameservers[0]); + $v_ns2 = str_replace("'", "", $nameservers[1]); + $v_ns3 = str_replace("'", "", $nameservers[2]); + $v_ns4 = str_replace("'", "", $nameservers[3]); + $v_ns5 = str_replace("'", "", $nameservers[4]); + $v_ns6 = str_replace("'", "", $nameservers[5]); + $v_ns7 = str_replace("'", "", $nameservers[6]); + $v_ns8 = str_replace("'", "", $nameservers[7]); + unset($output); + } + + // render_page($user, $TAB, 'add_dns'); +} else { + // Display body for dns record + + $v_domain = $_GET['domain']; + // render_page($user, $TAB, 'add_dns_rec'); +} + +$result = array( + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); + 
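Review bot: The token check in the `ok_rec` branch compares with `$_SESSION['token'] != $_POST['token']`, a loose and non-constant-time comparison that an empty `token` field passes whenever the session holds no token (`null != ""` is false). Whether the session always has a token by this point is decided in a part of the file not shown here, so the check should not depend on it: `if (!isset($_SESSION['token'], $_POST['token']) || !is_string($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {`. The `ok_acc` branch of `add/mail/index.php` uses the same comparison. Separately, `$_POST[v_domain]` and `$_POST[v_rec]` in the `DNS_DOMAIN_CREATED_OK` and `DNS_RECORD_CREATED_OK` messages are unquoted keys, which PHP 8 treats as undefined constants and fails on after the domain or record has already been created. They should be `$_POST['v_domain']` and `$_POST['v_rec']`, and the same applies to `$_POST[v_domain]` in the mail file's `MAIL_ACCOUNT_CREATED_OK` line.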
diff --git a/web/api/v1/add/favorite/index.php b/web/api/v1/add/favorite/index.php new file mode 100644 index 000000000..94d48dadd --- /dev/null +++ b/web/api/v1/add/favorite/index.php @@ -0,0 +1,22 @@ + \ No newline at end of file diff --git a/web/api/v1/add/firewall/banlist/index.php b/web/api/v1/add/firewall/banlist/index.php new file mode 100644 index 000000000..e60b8066c --- /dev/null +++ b/web/api/v1/add/firewall/banlist/index.php @@ -0,0 +1,68 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Protect input + $v_chain = escapeshellarg($_POST['v_chain']); + $v_ip = escapeshellarg($_POST['v_ip']); + + // Add firewall ban + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-firewall-ban ".$v_ip." ".$v_chain, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('BANLIST_CREATED_OK'); + unset($v_ip); + } +} + +$result = array( + 'ip' => $v_ip, + 'chain' => $v_chain, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/add/firewall/index.php b/web/api/v1/add/firewall/index.php new file mode 100644 index 000000000..0f6e69e27 --- /dev/null +++ b/web/api/v1/add/firewall/index.php 
@@ -0,0 +1,77 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Protect input + $v_action = escapeshellarg($_POST['v_action']); + $v_protocol = escapeshellarg($_POST['v_protocol']); + $v_port = str_replace(" ",",", $_POST['v_port']); + $v_port = preg_replace('/\,+/', ',', $v_port); + $v_port = trim($v_port, ","); + $v_port = escapeshellarg($v_port); + $v_ip = escapeshellarg($_POST['v_ip']); + $v_comment = escapeshellarg($_POST['v_comment']); + + // Add firewall rule + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-firewall-rule ".$v_action." ".$v_ip." ".$v_port." ".$v_protocol." ".$v_comment, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('RULE_CREATED_OK'); + unset($v_port); + unset($v_ip); + unset($v_comment); + } +} + +// Render +// render_page($user, $TAB, 'add_firewall'); +$result = array( + 'ok_msg' => $_SESSION['ok_msg'], + 'error_msg' => $_SESSION['error_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/add/ip/index.php b/web/api/v1/add/ip/index.php new file mode 100644 index 000000000..39a2959af --- /dev/null +++ b/web/api/v1/add/ip/index.php 
@@ -0,0 +1,97 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Protect input + $v_ip = escapeshellarg($_POST['v_ip']); + $v_netmask = escapeshellarg($_POST['v_netmask']); + $v_name = escapeshellarg($_POST['v_name']); + $v_nat = escapeshellarg($_POST['v_nat']); + $v_interface = escapeshellarg($_POST['v_interface']); + $v_owner = escapeshellarg($_POST['v_owner']); + $v_shared = $_POST['v_shared']; + + // Check shared checkmark + if ($v_shared == 'on') { + $ip_status = 'shared'; + } else { + $ip_status = 'dedicated'; + $v_dedicated = 'yes'; + + } + + // Add IP + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-sys-ip ".$v_ip." ".$v_netmask." ".$v_interface." ".$v_owner." ".$ip_status." ".$v_name." ".$v_nat, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_owner = $_POST['v_owner']; + $v_interface = $_POST['v_interface']; + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('IP_CREATED_OK',htmlentities($_POST['v_ip']),htmlentities($_POST['v_ip'])); + unset($v_ip); + unset($v_netmask); + unset($v_name); + unset($v_nat); + } +} + +// List network interfaces +exec (VESTA_CMD."v-list-sys-interfaces json", $output, $return_var); +$interfaces = json_decode(implode('', $output), true); +unset($output); + +// List users +exec (VESTA_CMD."v-list-sys-users json", $output, $return_var); +$users = json_decode(implode('', $output), true); +unset($output); + +$result = array( + 'interfaces' => $interfaces, + 'users' => $users, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); 
diff --git a/web/api/v1/add/mail/index.php b/web/api/v1/add/mail/index.php
new file mode 100644
index 000000000..8f5899587
--- /dev/null
+++ b/web/api/v1/add/mail/index.php
@@ -0,0 +1,219 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Check antispam option + if (!empty($_POST['v_antispam'])) { + $v_antispam = 'yes'; + } else { + $v_antispam = 'no'; + } + + // Check antivirus option + if (!empty($_POST['v_antivirus'])) { + $v_antivirus = 'yes'; + } else { + $v_antivirus = 'no'; + } + + // Check dkim option + if (!empty($_POST['v_dkim'])) { + $v_dkim = 'yes'; + } else { + $v_dkim = 'no'; + } + + // Set domain name to lowercase and remove www prefix + $v_domain = preg_replace("/^www./i", "", $_POST['v_domain']); + $v_domain = escapeshellarg($v_domain); + $v_domain = strtolower($v_domain); + + // Add mail domain + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-mail-domain ".$user." ".$v_domain." ".$v_antispam." ".$v_antivirus." ".$v_dkim, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('MAIL_DOMAIN_CREATED_OK',htmlentities($_POST['v_domain']),htmlentities($_POST['v_domain'])); + unset($v_domain); + } +} + + +// Check POST request for mail account +if (!empty($_POST['ok_acc'])) { + + // Check token + if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) { + exit(); + } + + // Check empty fields + if (empty($_POST['v_domain'])) $errors[] = __('domain'); + if (empty($_POST['v_account'])) $errors[] = __('account'); + if (empty($_POST['v_password'])) $errors[] = __('password'); + if (!empty($errors[0])) { + foreach ($errors as $i => $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Validate email + if ((!empty($_POST['v_send_email'])) && (empty($_SESSION['error_msg']))) { + if 
(!filter_var($_POST['v_send_email'], FILTER_VALIDATE_EMAIL)) { + $_SESSION['error_msg'] = __('Please enter valid email address.'); + } + } + + // Protect input + $v_domain = escapeshellarg($_POST['v_domain']); + $v_domain = strtolower($v_domain); + $v_account = escapeshellarg($_POST['v_account']); + $v_quota = escapeshellarg($_POST['v_quota']); + $v_send_email = $_POST['v_send_email']; + $v_credentials = $_POST['v_credentials']; + $v_aliases = $_POST['v_aliases']; + $v_fwd = $_POST['v_fwd']; + if (empty($_POST['v_quota'])) $v_quota = 0; + if ((!empty($_POST['v_quota'])) || (!empty($_POST['v_aliases'])) || (!empty($_POST['v_fwd'])) ) $v_adv = 'yes'; + + // Add Mail Account + if (empty($_SESSION['error_msg'])) { + $v_password = tempnam("/tmp","vst"); + $fp = fopen($v_password, "w"); + fwrite($fp, $_POST['v_password']."\n"); + fclose($fp); + exec (VESTA_CMD."v-add-mail-account ".$user." ".$v_domain." ".$v_account." ".$v_password." ".$v_quota, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + unlink($v_password); + $v_password = escapeshellarg($_POST['v_password']); + } + + // Add Aliases + if ((!empty($_POST['v_aliases'])) && (empty($_SESSION['error_msg']))) { + $valiases = preg_replace("/\n/", " ", $_POST['v_aliases']); + $valiases = preg_replace("/,/", " ", $valiases); + $valiases = preg_replace('/\s+/', ' ',$valiases); + $valiases = trim($valiases); + $aliases = explode(" ", $valiases); + foreach ($aliases as $alias) { + $alias = escapeshellarg($alias); + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-mail-account-alias ".$user." ".$v_domain." ".$v_account." 
".$alias, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + } + } + + // Add Forwarders + if ((!empty($_POST['v_fwd'])) && (empty($_SESSION['error_msg']))) { + $vfwd = preg_replace("/\n/", " ", $_POST['v_fwd']); + $vfwd = preg_replace("/,/", " ", $vfwd); + $vfwd = preg_replace('/\s+/', ' ',$vfwd); + $vfwd = trim($vfwd); + $fwd = explode(" ", $vfwd); + foreach ($fwd as $forward) { + $forward = escapeshellarg($forward); + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-mail-account-forward ".$user." ".$v_domain." ".$v_account." ".$forward, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + } + } + + // Add fwd_only flag + if ((!empty($_POST['v_fwd_only'])) && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-add-mail-account-fwd-only ".$user." ".$v_domain." ".$v_account, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Get webmail url + if (empty($_SESSION['error_msg'])) { + list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":"); + $webmail = "http://".$http_host."/webmail/"; + if (!empty($_SESSION['MAIL_URL'])) $webmail = $_SESSION['MAIL_URL']; + } + + // Email login credentials + if ((!empty($v_send_email)) && (empty($_SESSION['error_msg']))) { + $to = $v_send_email; + $subject = __("Email Credentials"); + $hostname = exec('hostname'); + $from = __('MAIL_FROM', $hostname); + $mailtext = $v_credentials; + send_email($to, $subject, $mailtext, $from); + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('MAIL_ACCOUNT_CREATED_OK',htmlentities(strtolower($_POST['v_account'])),htmlentities($_POST[v_domain]),htmlentities(strtolower($_POST['v_account'])),htmlentities($_POST[v_domain])); + $_SESSION['ok_msg'] .= " / " . __('open webmail') . 
""; + unset($v_account); + unset($v_password); + unset($v_password); + unset($v_aliases); + unset($v_fwd); + unset($v_quota); + } +} + +// Render page +if (empty($_GET['domain'])) { + // Display body for mail domain + + // render_page($user, $TAB, 'add_mail'); +} else { + // Display body for mail account + + $v_domain = $_GET['domain']; + // render_page($user, $TAB, 'add_mail_acc'); +} + +$result = array( + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/add/package/index.php b/web/api/v1/add/package/index.php new file mode 100644 index 000000000..055d0e9c1 --- /dev/null +++ b/web/api/v1/add/package/index.php 
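Review bot: In the "Email login credentials" block, the mail body is `$v_credentials`, taken verbatim from `$_POST['v_credentials']`, so the client decides the full text of a message the panel sends from its own `MAIL_FROM` address to whatever `v_send_email` names. Build the body on the server from the values just used to create the account (account, domain, webmail URL) instead of accepting it from the request; the db and user files in this commit already do this with translated templates. The `$webmail` fallback in the block above is derived from `$_SERVER["HTTP_HOST"]`, which is client-controlled as well, so prefer the configured `MAIL_URL` or the server hostname there.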
@@ -0,0 +1,224 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Protect input + $v_package = escapeshellarg($_POST['v_package']); + $v_web_template = escapeshellarg($_POST['v_web_template']); + $v_backend_template = escapeshellarg($_POST['v_backend_template']); + $v_proxy_template = escapeshellarg($_POST['v_proxy_template']); + $v_dns_template = escapeshellarg($_POST['v_dns_template']); + $v_shell = escapeshellarg($_POST['v_shell']); + $v_web_domains = escapeshellarg($_POST['v_web_domains']); + $v_web_aliases = escapeshellarg($_POST['v_web_aliases']); + $v_dns_domains = escapeshellarg($_POST['v_dns_domains']); + $v_dns_records = escapeshellarg($_POST['v_dns_records']); + $v_mail_domains = escapeshellarg($_POST['v_mail_domains']); + $v_mail_accounts = escapeshellarg($_POST['v_mail_accounts']); + $v_databases = escapeshellarg($_POST['v_databases']); + $v_cron_jobs = escapeshellarg($_POST['v_cron_jobs']); + $v_backups = escapeshellarg($_POST['v_backups']); + $v_disk_quota = escapeshellarg($_POST['v_disk_quota']); + $v_bandwidth = escapeshellarg($_POST['v_bandwidth']); + $v_ns1 = trim($_POST['v_ns1'], '.'); + $v_ns2 = trim($_POST['v_ns2'], '.'); + $v_ns3 = trim($_POST['v_ns3'], '.'); + $v_ns4 = trim($_POST['v_ns4'], '.'); + $v_ns5 = trim($_POST['v_ns5'], '.'); + $v_ns6 = trim($_POST['v_ns6'], '.'); + $v_ns7 = trim($_POST['v_ns7'], '.'); + $v_ns8 = trim($_POST['v_ns8'], '.'); + $v_ns = $v_ns1.",".$v_ns2; + if (!empty($v_ns3)) $v_ns .= ",".$v_ns3; + if (!empty($v_ns4)) $v_ns .= ",".$v_ns4; + if (!empty($v_ns5)) $v_ns .= ",".$v_ns5; + if (!empty($v_ns6)) $v_ns .= ",".$v_ns6; + if (!empty($v_ns7)) $v_ns .= ",".$v_ns7; + if (!empty($v_ns8)) $v_ns .= ",".$v_ns8; + $v_ns = escapeshellarg($v_ns); + $v_time = escapeshellarg(date('H:i:s')); + $v_date = escapeshellarg(date('Y-m-d')); + + // Create temporary dir + if 
(empty($_SESSION['error_msg'])) { + exec ('mktemp -d', $output, $return_var); + $tmpdir = $output[0]; + check_return_code($return_var,$output); + unset($output); + } + + // Create package file + if (empty($_SESSION['error_msg'])) { + $pkg = "WEB_TEMPLATE=".$v_web_template."\n"; + if (!empty($_SESSION['WEB_BACKEND'])) { + $pkg .= "BACKEND_TEMPLATE=".$v_backend_template."\n"; + } + if (!empty($_SESSION['PROXY_SYSTEM'])) { + $pkg .= "PROXY_TEMPLATE=".$v_proxy_template."\n"; + } + $pkg .= "DNS_TEMPLATE=".$v_dns_template."\n"; + $pkg .= "WEB_DOMAINS=".$v_web_domains."\n"; + $pkg .= "WEB_ALIASES=".$v_web_aliases."\n"; + $pkg .= "DNS_DOMAINS=".$v_dns_domains."\n"; + $pkg .= "DNS_RECORDS=".$v_dns_records."\n"; + $pkg .= "MAIL_DOMAINS=".$v_mail_domains."\n"; + $pkg .= "MAIL_ACCOUNTS=".$v_mail_accounts."\n"; + $pkg .= "DATABASES=".$v_databases."\n"; + $pkg .= "CRON_JOBS=".$v_cron_jobs."\n"; + $pkg .= "DISK_QUOTA=".$v_disk_quota."\n"; + $pkg .= "BANDWIDTH=".$v_bandwidth."\n"; + $pkg .= "NS=".$v_ns."\n"; + $pkg .= "SHELL=".$v_shell."\n"; + $pkg .= "BACKUPS=".$v_backups."\n"; + $pkg .= "TIME=".$v_time."\n"; + $pkg .= "DATE=".$v_date."\n"; + + $fp = fopen($tmpdir."/".$_POST['v_package'].".pkg", 'w'); + fwrite($fp, $pkg); + fclose($fp); + } + + // Add new package + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-user-package ".$tmpdir." 
".$v_package, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Remove tmpdir + exec ('rm -rf '.$tmpdir, $output, $return_var); + unset($output); + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('PACKAGE_CREATED_OK',htmlentities($_POST['v_package']),htmlentities($_POST['v_package'])); + unset($v_package); + } + +} + + +// List web temmplates +exec (VESTA_CMD."v-list-web-templates json", $output, $return_var); +$web_templates = json_decode(implode('', $output), true); +unset($output); + +// List web templates for backend +if (!empty($_SESSION['WEB_BACKEND'])) { + exec (VESTA_CMD."v-list-web-templates-backend json", $output, $return_var); + $backend_templates = json_decode(implode('', $output), true); + unset($output); +} + +// List web templates for proxy +if (!empty($_SESSION['PROXY_SYSTEM'])) { + exec (VESTA_CMD."v-list-web-templates-proxy json", $output, $return_var); + $proxy_templates = json_decode(implode('', $output), true); + unset($output); +} + +// List DNS templates +exec (VESTA_CMD."v-list-dns-templates json", $output, $return_var); +$dns_templates = json_decode(implode('', $output), true); +unset($output); + +// List system shells +exec (VESTA_CMD."v-list-sys-shells json", $output, $return_var); +$shells = json_decode(implode('', $output), true); +unset($output); + +// Set default values +if (empty($v_web_template)) $v_web_template = 'default'; +if (empty($v_backend_template)) $v_backend_template = 'default'; +if (empty($v_proxy_template)) $v_proxy_template = 'default'; +if (empty($v_dns_template)) $v_dns_template = 'default'; +if (empty($v_shell)) $v_shell = 'nologin'; +if (empty($v_web_domains)) $v_web_domains = "'1'"; +if (empty($v_web_aliases)) $v_web_aliases = "'1'"; +if (empty($v_dns_domains)) $v_dns_domains = "'1'"; +if (empty($v_dns_records)) $v_dns_records = "'1'"; +if (empty($v_mail_domains)) $v_mail_domains = "'1'"; +if (empty($v_mail_accounts)) 
$v_mail_accounts = "'1'"; +if (empty($v_databases)) $v_databases = "'1'"; +if (empty($v_cron_jobs)) $v_cron_jobs = "'1'"; +if (empty($v_backups)) $v_backups = "'1'"; +if (empty($v_disk_quota)) $v_disk_quota = "'1000'"; +if (empty($v_bandwidth)) $v_bandwidth = "'1000'"; +if (empty($v_ns1)) $v_ns1 = 'ns1.example.ltd'; +if (empty($v_ns2)) $v_ns2 = 'ns2.example.ltd'; + +// Render page +// render_page($user, $TAB, 'add_package'); + +$result = array( + 'web_system' => $_SESSION['WEB_SYSTEM'], + 'web_templates' => $web_templates, + 'web_backend' => $_SESSION['WEB_BACKEND'], + 'backend_templates' => $backend_templates, + 'proxy_system' => $_SESSION['PROXY_SYSTEM'], + 'proxy_templates' => $proxy_templates, + 'dns_system' => $_SESSION['DNS_SYSTEM'], + 'dns_templates' => $dns_templates, + 'ssh_access' => $shells, + 'ok_msg' => $_SESSION['ok_msg'], + 'error_msg' => $_SESSION['error_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/add/user/index.php b/web/api/v1/add/user/index.php new file mode 100644 index 000000000..5057b774a --- /dev/null +++ b/web/api/v1/add/user/index.php 
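Review bot: The package file is opened with `fopen($tmpdir."/".$_POST['v_package'].".pkg", 'w')`, using the raw request value as a file name, so a name containing `/` or `..` makes the write land outside the directory created by `mktemp -d`. `escapeshellarg()` protects only the later `v-add-user-package` call, not this path. Validate the name before the temp dir is created, rejecting anything with path separators or a leading dot, or at least use `basename($_POST['v_package'])` for the file name, and check the `fopen` result before `fwrite`. The cleanup `exec ('rm -rf '.$tmpdir, ...)` also runs when `$tmpdir` was never set and passes it unquoted; `if (!empty($tmpdir)) exec('rm -rf '.escapeshellarg($tmpdir), $output, $return_var);` covers both.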
@@ -0,0 +1,131 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Validate email + if ((empty($_SESSION['error_msg'])) && (!filter_var($_POST['v_email'], FILTER_VALIDATE_EMAIL))) { + $_SESSION['error_msg'] = __('Please enter valid email address.'); + } + + // Check password length + if (empty($_SESSION['error_msg'])) { + $pw_len = strlen($_POST['v_password']); + if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg); + } + + // Protect input + $v_username = escapeshellarg($_POST['v_username']); + $v_email = escapeshellarg($_POST['v_email']); + $v_package = escapeshellarg($_POST['v_package']); + $v_language = escapeshellarg($_POST['v_language']); + $v_fname = escapeshellarg($_POST['v_fname']); + $v_lname = escapeshellarg($_POST['v_lname']); + $v_notify = $_POST['v_notify']; + + + // Add user + if (empty($_SESSION['error_msg'])) { + $v_password = tempnam("/tmp","vst"); + $fp = fopen($v_password, "w"); + fwrite($fp, $_POST['v_password']."\n"); + fclose($fp); + exec (VESTA_CMD."v-add-user ".$v_username." ".$v_password." ".$v_email." ".$v_package." ".$v_fname." ".$v_lname, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + unlink($v_password); + $v_password = escapeshellarg($_POST['v_password']); + } + + // Set language + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-change-user-language ".$v_username." 
".$v_language, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Send email to the new user + if ((empty($_SESSION['error_msg'])) && (!empty($v_notify))) { + $to = $_POST['v_notify']; + $subject = _translate($_POST['v_language'],"Welcome to Vesta Control Panel"); + $hostname = exec('hostname'); + unset($output); + $from = _translate($_POST['v_language'],'MAIL_FROM',$hostname); + if (!empty($_POST['v_fname'])) { + $mailtext = _translate($_POST['v_language'],'GREETINGS_GORDON_FREEMAN',$_POST['v_fname'],$_POST['v_lname']); + } else { + $mailtext = _translate($_POST['v_language'],'GREETINGS'); + } + $mailtext .= _translate($_POST['v_language'],'ACCOUNT_READY',$_SERVER['HTTP_HOST'],$_POST['v_username'],$_POST['v_password']); + send_email($to, $subject, $mailtext, $from); + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('USER_CREATED_OK',htmlentities($_POST['v_username']),htmlentities($_POST['v_username'])); + $_SESSION['ok_msg'] .= " / " . __('login as') ." ".htmlentities($_POST['v_username']). ""; + unset($v_username); + unset($v_password); + unset($v_email); + unset($v_fname); + unset($v_lname); + unset($v_notify); + } +} + + +// List hosting packages +exec (VESTA_CMD."v-list-user-packages json", $output, $return_var); +check_error($return_var); +$data = json_decode(implode('', $output), true); +unset($output); + +// List languages +exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); +$languages = json_decode(implode('', $output), true); +unset($output); + +$result = array( + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/add/web/index.php b/web/api/v1/add/web/index.php new file mode 100644 index 000000000..182d1081e --- /dev/null 
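Review bot: The "Send email to the new user" block takes its recipient from `$_POST['v_notify']` without any validation, although `v_email` is checked with `FILTER_VALIDATE_EMAIL` earlier, and the message it sends contains the new account's plaintext `$_POST['v_password']`. Add the same check before sending, e.g. `if (!empty($_POST['v_notify']) && !filter_var($_POST['v_notify'], FILTER_VALIDATE_EMAIL)) $_SESSION['error_msg'] = __('Please enter valid email address.');`, placed next to the existing email validation. The `ACCOUNT_READY` text also embeds `$_SERVER['HTTP_HOST']`, a client-controlled header, as the login host, so a configured hostname is the safer source. As a smaller point, `$data` and `$languages` are fetched at the end of the file but never added to `$result`.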
+++ b/web/api/v1/add/web/index.php 
@@ -0,0 +1,371 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Check stats password length + if ((!empty($v_stats)) && (empty($_SESSION['error_msg']))) { + if (!empty($_POST['v_stats_user'])) { + $pw_len = strlen($_POST['v_stats_password']); + if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg); + } + } + + // Set domain to lowercase and remove www prefix + $v_domain = preg_replace("/^www\./i", "", $_POST['v_domain']); + $v_domain = escapeshellarg($v_domain); + $v_domain = strtolower($v_domain); + + // Define domain ip address + $v_ip = escapeshellarg($_POST['v_ip']); + + // Using public IP instead of internal IP when creating DNS + // Gets public IP from 'v-list-user-ips' command (that reads /vesta/data/ips/ip), precisely from 'NAT' field + $v_public_ip = $v_ip; + $v_clean_ip = $_POST['v_ip']; // clean_ip = IP without quotas + exec (VESTA_CMD."v-list-user-ips ".$user." 
json", $output, $return_var); + $ips = json_decode(implode('', $output), true); + unset($output); + if (isset($ips[$v_clean_ip]) && isset($ips[$v_clean_ip]['NAT']) && trim($ips[$v_clean_ip]['NAT'])!='') { + $v_public_ip = trim($ips[$v_clean_ip]['NAT']); + $v_public_ip = escapeshellarg($v_public_ip); + } + + // Define domain aliases + $v_aliases = $_POST['v_aliases']; + $aliases = preg_replace("/\n/", ",", $v_aliases); + $aliases = preg_replace("/\r/", ",", $aliases); + $aliases = preg_replace("/\t/", ",", $aliases); + $aliases = preg_replace("/ /", ",", $aliases); + $aliases_arr = explode(",", $aliases); + $aliases_arr = array_unique($aliases_arr); + $aliases_arr = array_filter($aliases_arr); + $aliases = implode(",",$aliases_arr); + $aliases = escapeshellarg($aliases); + if (empty($_POST['v_aliases'])) $aliases = 'none'; + + // Define proxy extensions + $v_proxy_ext = $_POST['v_proxy_ext']; + $proxy_ext = preg_replace("/\n/", ",", $v_proxy_ext); + $proxy_ext = preg_replace("/\r/", ",", $proxy_ext); + $proxy_ext = preg_replace("/\t/", ",", $proxy_ext); + $proxy_ext = preg_replace("/ /", ",", $proxy_ext); + $proxy_ext_arr = explode(",", $proxy_ext); + $proxy_ext_arr = array_unique($proxy_ext_arr); + $proxy_ext_arr = array_filter($proxy_ext_arr); + $proxy_ext = implode(",",$proxy_ext_arr); + $proxy_ext = escapeshellarg($proxy_ext); + + // Define other options + $v_elog = $_POST['v_elog']; + $v_ssl = $_POST['v_ssl']; + $v_ssl_crt = $_POST['v_ssl_crt']; + $v_ssl_key = $_POST['v_ssl_key']; + $v_ssl_ca = $_POST['v_ssl_ca']; + $v_ssl_home = $data[$v_domain]['SSL_HOME']; + $v_letsencrypt = $_POST['v_letsencrypt']; + $v_stats = escapeshellarg($_POST['v_stats']); + $v_stats_user = $data[$v_domain]['STATS_USER']; + $v_stats_password = $data[$v_domain]['STATS_PASSWORD']; + $v_ftp = $_POST['v_ftp']; + $v_ftp_user = $_POST['v_ftp_user']; + $v_ftp_password = $_POST['v_ftp_password']; + $v_ftp_email = $_POST['v_ftp_email']; + if (!empty($v_domain)) $v_ftp_user_prepath .= 
$v_domain; + + // Set advanced option checkmark + if (!empty($_POST['v_proxy'])) $v_adv = 'yes'; + if (!empty($_POST['v_ftp'])) $v_adv = 'yes'; + if ($_POST['v_proxy_ext'] != $v_proxy_ext) $v_adv = 'yes'; + if ((!empty($_POST['v_aliases'])) && ($_POST['v_aliases'] != 'www.'.$_POST['v_domain'])) $v_adv = 'yes'; + if ((!empty($_POST['v_ssl'])) || (!empty($_POST['v_elog']))) $v_adv = 'yes'; + if ((!empty($_POST['v_ssl_crt'])) || (!empty($_POST['v_ssl_key']))) $v_adv = 'yes'; + if ((!empty($_POST['v_ssl_ca'])) || ($_POST['v_stats'] != 'none')) $v_adv = 'yes'; + if ((!empty($_POST['v_letsencrypt']))) $v_adv = 'yes'; + + // Check advanced features + if (empty($_POST['v_dns'])) $v_dns = 'off'; + if (empty($_POST['v_mail'])) $v_mail = 'off'; + if (empty($_POST['v_proxy'])) $v_proxy = 'off'; + + // Add web domain + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-add-web-domain ".$user." ".$v_domain." ".$v_ip." no ".$aliases." ".$proxy_ext, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $domain_added = empty($_SESSION['error_msg']); + } + + // Add DNS domain + if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_public_ip." '' '' '' '' '' '' '' '' no", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Add DNS for domain aliases + if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) { + foreach ($aliases_arr as $alias) { + if ($alias != "www.".$_POST['v_domain']) { + $alias = escapeshellarg($alias); + exec (VESTA_CMD."v-add-dns-on-web-alias ".$user." ".$alias." ".$v_ip." no", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + } + } + + // Add mail domain + if (($_POST['v_mail'] == 'on') && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-add-mail-domain ".$user." 
".$v_domain, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Delete proxy support + if ((!empty($_SESSION['PROXY_SYSTEM'])) && ($_POST['v_proxy'] == 'off') && (empty($_SESSION['error_msg']))) { + $ext = escapeshellarg($ext); + exec (VESTA_CMD."v-delete-web-domain-proxy ".$user." ".$v_domain." no", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Add Lets Encrypt support + if ((!empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-schedule-letsencrypt-domain ".$user." ".$v_domain, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } else { + // Add SSL certificates only if Lets Encrypt is off + if ((!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { + exec ('mktemp -d', $output, $return_var); + $tmpdir = $output[0]; + unset($output); + + // Save certificate + if (!empty($_POST['v_ssl_crt'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); + fwrite($fp, "\n"); + fclose($fp); + } + + // Save private key + if (!empty($_POST['v_ssl_key'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); + fwrite($fp, "\n"); + fclose($fp); + } + + // Save CA bundle + if (!empty($_POST['v_ssl_ca'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); + fwrite($fp, "\n"); + fclose($fp); + } + + $v_ssl_home = escapeshellarg($_POST['v_ssl_home']); + exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 
no", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + } + + // Add web stats + if ((!empty($_POST['v_stats'])) && ($_POST['v_stats'] != 'none' ) && (empty($_SESSION['error_msg']))) { + $v_stats = escapeshellarg($_POST['v_stats']); + exec (VESTA_CMD."v-add-web-domain-stats ".$user." ".$v_domain." ".$v_stats, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Add web stats password + if ((!empty($_POST['v_stats_user'])) && (empty($_SESSION['error_msg']))) { + $v_stats_user = escapeshellarg($_POST['v_stats_user']); + $v_stats_password = tempnam("/tmp","vst"); + $fp = fopen($v_stats_password, "w"); + fwrite($fp, $_POST['v_stats_password']."\n"); + fclose($fp); + exec (VESTA_CMD."v-add-web-domain-stats-user ".$user." ".$v_domain." ".$v_stats_user." ".$v_stats_password, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + unlink($v_stats_password); + $v_stats_password = escapeshellarg($_POST['v_stats_password']); + } + + // Restart DNS server + if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-restart-dns", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Restart web server + if (empty($_SESSION['error_msg'])) { + exec (VESTA_CMD."v-restart-web", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Restart proxy server + if ((!empty($_SESSION['PROXY_SYSTEM'])) && ($_POST['v_proxy'] == 'on') && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-restart-proxy", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Add FTP + if ((!empty($_POST['v_ftp'])) && (empty($_SESSION['error_msg']))) { + $v_ftp_users_updated = array(); + foreach ($_POST['v_ftp_user'] as $i => $v_ftp_user_data) { + if ($v_ftp_user_data['is_new'] == 1) { + if ((!empty($v_ftp_user_data['v_ftp_email'])) && 
(!filter_var($v_ftp_user_data['v_ftp_email'], FILTER_VALIDATE_EMAIL))) $_SESSION['error_msg'] = __('Please enter valid email address.'); + if (empty($v_ftp_user_data['v_ftp_user'])) $errors[] = 'ftp user'; + if (empty($v_ftp_user_data['v_ftp_password'])) $errors[] = 'ftp user password'; + if (!empty($errors[0])) { + foreach ($errors as $i => $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Validate email + if ((!empty($v_ftp_user_data['v_ftp_email'])) && (!filter_var($v_ftp_user_data['v_ftp_email'], FILTER_VALIDATE_EMAIL))) { + $_SESSION['error_msg'] = __('Please enter valid email address.'); + } + + // Check ftp password length + if ((!empty($v_ftp_user_data['v_ftp']))) { + if (!empty($v_ftp_user_data['v_ftp_user'])) { + $pw_len = strlen($v_ftp_user_data['v_ftp_password']); + if ($pw_len < 6 ) $_SESSION['error_msg'] = __('Password is too short.',$error_msg); + } + } + + $v_ftp_user_data['v_ftp_user'] = preg_replace("/^".$user."_/i", "", $v_ftp_user_data['v_ftp_user']); + $v_ftp_username = $v_ftp_user_data['v_ftp_user']; + $v_ftp_username_full = $user . '_' . $v_ftp_user_data['v_ftp_user']; + $v_ftp_user = escapeshellarg($v_ftp_user_data['v_ftp_user']); + if ($domain_added) { + $v_ftp_path = escapeshellarg(trim($v_ftp_user_data['v_ftp_path'])); + $v_ftp_password = tempnam("/tmp","vst"); + $fp = fopen($v_ftp_password, "w"); + fwrite($fp, $v_ftp_user_data['v_ftp_password']."\n"); + fclose($fp); + exec (VESTA_CMD."v-add-web-domain-ftp ".$user." ".$v_domain." ".$v_ftp_user." ".$v_ftp_password . " " . 
$v_ftp_path, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + unlink($v_ftp_password); + if ((!empty($v_ftp_user_data['v_ftp_email'])) && (empty($_SESSION['error_msg']))) { + $to = $v_ftp_user_data['v_ftp_email']; + $subject = __("FTP login credentials"); + $from = __('MAIL_FROM',$_POST['v_domain']); + $mailtext = __('FTP_ACCOUNT_READY',$_POST['v_domain'],$user,$v_ftp_user_data['v_ftp_user'],$v_ftp_user_data['v_ftp_password']); + send_email($to, $subject, $mailtext, $from); + unset($v_ftp_email); + } + } else { + $return_var = -1; + } + + if ($return_var == 0) { + $v_ftp_password = "••••••••"; + $v_ftp_user_data['is_new'] = 0; + } else { + $v_ftp_user_data['is_new'] = 1; + } + + $v_ftp_username = preg_replace("/^".$user."_/", "", $v_ftp_user_data['v_ftp_user']); + $v_ftp_users_updated[] = array( + 'is_new' => $v_ftp_user_data['is_new'], + 'v_ftp_user' => $return_var == 0 ? $v_ftp_username_full : $v_ftp_username, + 'v_ftp_password' => $v_ftp_password, + 'v_ftp_path' => $v_ftp_user_data['v_ftp_path'], + 'v_ftp_email' => $v_ftp_user_data['v_ftp_email'], + 'v_ftp_pre_path' => $v_ftp_user_prepath + ); + continue; + } + } + + if (!empty($_SESSION['error_msg']) && $domain_added) { + $_SESSION['ok_msg'] = __('WEB_DOMAIN_CREATED_OK',htmlentities($_POST[v_domain]),htmlentities($_POST[v_domain])); + $_SESSION['flash_error_msg'] = $_SESSION['error_msg']; + $url = '/edit/web/?domain='.strtolower(preg_replace("/^www\./i", "", $_POST['v_domain'])); + header('Location: ' . 
$url); + exit; + } + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('WEB_DOMAIN_CREATED_OK',htmlentities($_POST['v_domain']),htmlentities($_POST['v_domain'])); + unset($v_domain); + unset($v_aliases); + unset($v_ssl); + unset($v_ssl_crt); + unset($v_ssl_key); + unset($v_ssl_ca); + unset($v_stats_user); + unset($v_stats_password); + unset($v_ftp); + } +} + +// Define user variables +$v_ftp_user_prepath = $panel[$user]['HOME'] . "/web"; +$v_ftp_email = $panel[$user]['CONTACT']; + +// List IP addresses +exec (VESTA_CMD."v-list-user-ips ".$user." json", $output, $return_var); +$ips = json_decode(implode('', $output), true); +unset($output); + +// List web stat engines +exec (VESTA_CMD."v-list-web-stats json", $output, $return_var); +$stats = json_decode(implode('', $output), true); +unset($output); + +$result = array( + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/bulk/backup/exclusions/index.php b/web/api/v1/bulk/backup/exclusions/index.php new file mode 100644 index 000000000..ccef8de5f --- /dev/null +++ b/web/api/v1/bulk/backup/exclusions/index.php @@ -0,0 +1,31 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/backup/index.php b/web/api/v1/bulk/backup/index.php new file mode 100644 index 000000000..aa7f1f6c5 --- /dev/null +++ b/web/api/v1/bulk/backup/index.php @@ -0,0 +1,35 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/cron/index.php b/web/api/v1/bulk/cron/index.php new file mode 100644 index 000000000..5fd80765d --- /dev/null 
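Review bot: The three SSL writes under `// Save certificate`, `// Save private key` and `// Save CA bundle` build their path from the raw request value (`fopen($tmpdir."/".$_POST['v_domain'].".key", 'w')`), so the submitted domain rather than the server decides where the uploaded private key is written. No validation of `$_POST['v_domain']` is visible, although the hunk's opening lines are missing from the page, and the sanitised `$v_domain` is already shell-quoted, so it cannot serve as a file name. Reject path separators before any use, for example `if (strpbrk($_POST['v_domain'], "/\\") !== false) $_SESSION['error_msg'] = __('Error: invalid domain');` (message text is a placeholder), and stop if `fopen()` returns false. The `mktemp -d` directory holding the key is not removed anywhere in the visible code; delete it once `v-add-web-domain-ssl` returns. Separately, the FTP error branch calls `htmlentities($_POST[v_domain])` with an unquoted key, which fails as an undefined constant on PHP 8 and should read `$_POST['v_domain']`.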
+++ b/web/api/v1/bulk/cron/index.php @@ -0,0 +1,77 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/db/index.php b/web/api/v1/bulk/db/index.php new file mode 100644 index 000000000..a0fa65fa0 --- /dev/null +++ b/web/api/v1/bulk/db/index.php @@ -0,0 +1,48 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/dns/index.php b/web/api/v1/bulk/dns/index.php new file mode 100644 index 000000000..4340e9222 --- /dev/null +++ b/web/api/v1/bulk/dns/index.php @@ -0,0 +1,86 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/firewall/banlist/index.php b/web/api/v1/bulk/firewall/banlist/index.php new file mode 100644 index 000000000..51e2f1ad5 --- /dev/null +++ b/web/api/v1/bulk/firewall/banlist/index.php @@ -0,0 +1,44 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/firewall/index.php b/web/api/v1/bulk/firewall/index.php new file mode 100644 index 000000000..99acda51f --- /dev/null +++ b/web/api/v1/bulk/firewall/index.php @@ -0,0 +1,49 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/ip/index.php b/web/api/v1/bulk/ip/index.php new file mode 100644 index 000000000..3f252256b --- /dev/null +++ b/web/api/v1/bulk/ip/index.php @@ -0,0 +1,43 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); 
diff --git a/web/api/v1/bulk/mail/index.php b/web/api/v1/bulk/mail/index.php new file mode 100644 index 000000000..590422b71 --- /dev/null +++ b/web/api/v1/bulk/mail/index.php @@ -0,0 +1,82 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/package/index.php b/web/api/v1/bulk/package/index.php new file mode 100644 index 000000000..69f402d1f --- /dev/null +++ b/web/api/v1/bulk/package/index.php @@ -0,0 +1,42 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/restore/index.php b/web/api/v1/bulk/restore/index.php new file mode 100644 index 000000000..453f2e87d --- /dev/null +++ b/web/api/v1/bulk/restore/index.php @@ -0,0 +1,56 @@ +', $output); + if (empty($_SESSION['error_msg'])) { + $_SESSION['error_msg'] = __('Error: vesta did not return any output.'); + } + if ($return_var == 4) { + $_SESSION['error_msg'] = __('RESTORE_EXISTS'); + } + } +} + +header('Content-Type: application/json'); +$result = array( + 'error' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/service/index.php b/web/api/v1/bulk/service/index.php new file mode 100644 index 000000000..e100482d6 --- /dev/null +++ b/web/api/v1/bulk/service/index.php @@ -0,0 +1,49 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/user/index.php b/web/api/v1/bulk/user/index.php new file mode 100644 index 000000000..213a84f88 --- /dev/null +++ b/web/api/v1/bulk/user/index.php 
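Review bot: In bulk/restore/index.php the failure text is returned under `'error'`, while the other bulk endpoints in this commit return it under `'error_msg'`, so a client that reads `error_msg` would treat a failed restore as a success. Rename it to `'error_msg' => $_SESSION['error_msg'],` unless the client special-cases this route. This is also the only bulk endpoint in the visible text that sends `header('Content-Type: application/json');`. The others would benefit from the same line, so that JSON carrying request-derived strings is never served under PHP's default `text/html` type. Their opening lines are not visible here, so confirm the header is not already set in a shared include.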
@@ -0,0 +1,69 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/vesta/index.php b/web/api/v1/bulk/vesta/index.php new file mode 100644 index 000000000..63b273384 --- /dev/null +++ b/web/api/v1/bulk/vesta/index.php @@ -0,0 +1,38 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/bulk/web/index.php b/web/api/v1/bulk/web/index.php new file mode 100644 index 000000000..71e906364 --- /dev/null +++ b/web/api/v1/bulk/web/index.php @@ -0,0 +1,55 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/backup/exclusion/index.php b/web/api/v1/delete/backup/exclusion/index.php new file mode 100644 index 000000000..dd2c3e879 --- /dev/null +++ b/web/api/v1/delete/backup/exclusion/index.php @@ -0,0 +1,28 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/backup/index.php b/web/api/v1/delete/backup/index.php new file mode 100644 index 000000000..9d8bc9728 --- /dev/null +++ b/web/api/v1/delete/backup/index.php @@ -0,0 +1,34 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/cron/autoupdate/index.php b/web/api/v1/delete/cron/autoupdate/index.php new file mode 100644 index 000000000..f26de9987 --- /dev/null +++ b/web/api/v1/delete/cron/autoupdate/index.php @@ -0,0 +1,28 @@ + $message, + 'error' => $error +); + +print json_encode($result); 
diff --git a/web/api/v1/delete/cron/index.php b/web/api/v1/delete/cron/index.php new file mode 100644 index 000000000..a0d700df2 --- /dev/null +++ b/web/api/v1/delete/cron/index.php @@ -0,0 +1,34 @@ + + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/cron/reports/index.php b/web/api/v1/delete/cron/reports/index.php new file mode 100644 index 000000000..7ab5db428 --- /dev/null +++ b/web/api/v1/delete/cron/reports/index.php @@ -0,0 +1,26 @@ + $message, + 'error' => $error, +); + +print json_encode($result); diff --git a/web/api/v1/delete/db/index.php b/web/api/v1/delete/db/index.php new file mode 100644 index 000000000..ae5eeada7 --- /dev/null +++ b/web/api/v1/delete/db/index.php @@ -0,0 +1,33 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/dns/index.php b/web/api/v1/delete/dns/index.php new file mode 100644 index 000000000..9078999ad --- /dev/null +++ b/web/api/v1/delete/dns/index.php @@ -0,0 +1,45 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/favorite/index.php b/web/api/v1/delete/favorite/index.php new file mode 100644 index 000000000..9f471b9bd --- /dev/null +++ b/web/api/v1/delete/favorite/index.php @@ -0,0 +1,15 @@ + \ No newline at end of file diff --git a/web/api/v1/delete/firewall/banlist/index.php b/web/api/v1/delete/firewall/banlist/index.php new file mode 100644 index 000000000..e58cea61a --- /dev/null +++ b/web/api/v1/delete/firewall/banlist/index.php @@ -0,0 +1,36 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); 
diff --git a/web/api/v1/delete/firewall/index.php b/web/api/v1/delete/firewall/index.php new file mode 100644 index 000000000..c90fa7461 --- /dev/null +++ b/web/api/v1/delete/firewall/index.php @@ -0,0 +1,35 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/ip/index.php b/web/api/v1/delete/ip/index.php new file mode 100644 index 000000000..6c4ab74a3 --- /dev/null +++ b/web/api/v1/delete/ip/index.php @@ -0,0 +1,31 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/mail/index.php b/web/api/v1/delete/mail/index.php new file mode 100644 index 000000000..2f6f2f82a --- /dev/null +++ b/web/api/v1/delete/mail/index.php @@ -0,0 +1,45 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/notification/index.php b/web/api/v1/delete/notification/index.php new file mode 100644 index 000000000..5aedaa5d0 --- /dev/null +++ b/web/api/v1/delete/notification/index.php @@ -0,0 +1,28 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/user/index.php b/web/api/v1/delete/user/index.php new file mode 100644 index 000000000..a85982ef4 --- /dev/null +++ b/web/api/v1/delete/user/index.php @@ -0,0 +1,31 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/delete/web/index.php b/web/api/v1/delete/web/index.php new file mode 100644 index 000000000..46a4aea83 --- /dev/null +++ b/web/api/v1/delete/web/index.php 
@@ -0,0 +1,34 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] + ); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/download/backup/index.php b/web/api/v1/download/backup/index.php new file mode 100644 index 000000000..068467148 --- /dev/null +++ b/web/api/v1/download/backup/index.php @@ -0,0 +1,26 @@ + diff --git a/web/api/v1/edit/backup/exclusions/index.php b/web/api/v1/edit/backup/exclusions/index.php new file mode 100644 index 000000000..13bd32c97 --- /dev/null +++ b/web/api/v1/edit/backup/exclusions/index.php 
@@ -0,0 +1,143 @@ + $value) { + if (!empty($value)){ + $v_web .= $key . ":" . $value. "\n"; + } else { + $v_web .= $key . "\n"; + } +} + +// Parse dns +foreach ($data['DNS'] as $key => $value) { + if (!empty($value)){ + $v_dns .= $key . ":" . $value. "\n"; + } else { + $v_dns .= $key . "\n"; + } +} + +// Parse mail +foreach ($data['MAIL'] as $key => $value) { + if (!empty($value)){ + $v_mail .= $key . ":" . $value. "\n"; + } else { + $v_mail .= $key . "\n"; + } +} + +// Parse databases +foreach ($data['DB'] as $key => $value) { + if (!empty($value)){ + $v_db .= $key . ":" . $value. "\n"; + } else { + $v_db .= $key . "\n"; + } +} + +// Parse user directories +foreach ($data['USER'] as $key => $value) { + if (!empty($value)){ + $v_userdir .= $key . ":" . $value. "\n"; + } else { + $v_userdir .= $key . "\n"; + } +} + +// Check POST request +if (!empty($_POST['save'])) { + + // Check token + if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) { + exit(); + } + + $v_web = $_POST['v_web']; + $v_web_tmp = str_replace("\r\n", ",", $_POST['v_web']); + $v_web_tmp = rtrim($v_web_tmp, ","); + $v_web_tmp = "WEB=" . escapeshellarg($v_web_tmp); + + $v_dns = $_POST['v_dns']; + $v_dns_tmp = str_replace("\r\n", ",", $_POST['v_dns']); + $v_dns_tmp = rtrim($v_dns_tmp, ","); + $v_dns_tmp = "DNS=" . escapeshellarg($v_dns_tmp); + + $v_mail = $_POST['v_mail']; + $v_mail_tmp = str_replace("\r\n", ",", $_POST['v_mail']); + $v_mail_tmp = rtrim($v_mail_tmp, ","); + $v_mail_tmp = "MAIL=" . escapeshellarg($v_mail_tmp); + + $v_db = $_POST['v_db']; + $v_db_tmp = str_replace("\r\n", ",", $_POST['v_db']); + $v_db_tmp = rtrim($v_db_tmp, ","); + $v_db_tmp = "DB=" . escapeshellarg($v_db_tmp); + + $v_cron = $_POST['v_cron']; + $v_cron_tmp = str_replace("\r\n", ",", $_POST['v_cron']); + $v_cron_tmp = rtrim($v_cron_tmp, ","); + $v_cron_tmp = "CRON=" . 
escapeshellarg($v_cron_tmp); + + $v_userdir = $_POST['v_userdir']; + $v_userdir_tmp = str_replace("\r\n", ",", $_POST['v_userdir']); + $v_userdir_tmp = rtrim($v_userdir_tmp, ","); + $v_userdir_tmp = "USER=" . escapeshellarg($v_userdir_tmp); + + // Create temporary exeption list on a filesystem + exec ('mktemp', $mktemp_output, $return_var); + $tmp = $mktemp_output[0]; + $fp = fopen($tmp, 'w'); + fwrite($fp, $v_web_tmp . "\n" . $v_dns_tmp . "\n" . $v_mail_tmp . "\n" . $v_db_tmp . "\n" . $v_userdir_tmp . "\n"); + fclose($fp); + unset($mktemp_output); + + // Save changes + exec (VESTA_CMD."v-update-user-backup-exclusions ".$user." ".$tmp, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + + // Set success message + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __("Changes has been saved."); + } +} + + +// Render page +// render_page($user, $TAB, 'edit_backup_exclusions'); + +$result = array( + 'web' => $v_web, + 'dns' => $v_dns, + 'mail' => $v_mail, + 'db' => $v_db, + 'userdir' => $v_userdir, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/cron/index.php b/web/api/v1/edit/cron/index.php new file mode 100644 index 000000000..697c04922 --- /dev/null +++ b/web/api/v1/edit/cron/index.php 
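Review bot: The token check `($_SESSION['token'] != $_POST['token'])` uses a loose comparison and only tests that the POST field is set, so an unset session token and an empty submitted token compare equal and the save is accepted. Prefer `if (empty($_SESSION['token']) || !isset($_POST['token']) || !is_string($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) exit();`. In the same block `$v_cron_tmp` is built but left out of the `fwrite()` that assembles the exclusion file, so CRON exclusions are silently dropped. The `mktemp` result is used without checking that the file was created, and it is not removed after `v-update-user-backup-exclusions` runs.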
@@ -0,0 +1,102 @@ + $user, + 'job' => $_GET['job'], + 'min' => $data[$v_job]['MIN'], + 'hour' => $data[$v_job]['HOUR'], + 'day' => $data[$v_job]['DAY'], + 'month' => $data[$v_job]['MONTH'], + 'wday' => $data[$v_job]['WDAY'], + 'cmd' => $data[$v_job]['CMD'], + 'date' => $data[$v_job]['DATE'], + 'time' => $data[$v_job]['TIME'], + 'suspended' => $data[$v_job]['SUSPENDED'], + 'status' => $v_status, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/db/index.php b/web/api/v1/edit/db/index.php new file mode 100644 index 000000000..7aaced147 --- /dev/null +++ b/web/api/v1/edit/db/index.php @@ -0,0 +1,109 @@ + $user, + 'database' => $_GET['database'], + 'dbuser' => $data[$_GET['database']]['DBUSER'], + 'password' => $_POST['v_password'], + 'host' => $data[$_GET['database']]['HOST'], + 'type' => $data[$_GET['database']]['TYPE'], + 'charset' => $data[$_GET['database']]['CHARSET'], + 'date' => $data[$_GET['database']]['DATE'], + 'time' => $data[$_GET['database']]['TIME'], + 'suspended' => $data[$_GET['database']]['SUSPENDED'], + 'status' => $v_status, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/dns/index.php b/web/api/v1/edit/dns/index.php new file mode 100644 index 000000000..74aae592c --- /dev/null +++ b/web/api/v1/edit/dns/index.php 
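Review bot: In edit/db/index.php the response array includes `'password' => $_POST['v_password']`, which reflects the submitted database password back in the JSON body, where it can end up in proxy logs, browser caches and client-side state. Drop the key or return a fixed mask; the client already holds the value it just sent. Most of this hunk's body is missing from the page, so confirm nothing else depends on the field.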
@@ -0,0 +1,225 @@ + $user, + 'domain' => $v_domain, + 'domain' => $_GET['domain'], + 'ip' => $data[$v_domain]['IP'], + 'record_id' => $v_record_id, + 'rec' => $v_rec, + 'type' => $v_type, + 'val' => $v_val, + 'priority' => $v_priority, + 'template' => $data[$v_domain]['TPL'], + 'ttl' => $data[$v_domain]['TTL'], + 'exp' => $data[$v_domain]['EXP'], + 'soa' => $data[$v_domain]['SOA'], + 'date' => $v_date, + 'time' => $v_time, + 'suspended' => $v_suspended, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'], + 'status' => $v_status, + 'dns_system' => $_SESSION['DNS_SYSTEM'], + 'YYYY-MM-DD' => __('YYYY-MM-DD'), + 'templates' => $templates +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/file/index.php b/web/api/v1/edit/file/index.php new file mode 100644 index 000000000..9f08e497d --- /dev/null +++ b/web/api/v1/edit/file/index.php @@ -0,0 +1,51 @@ + $error, + 'content' => $content +); + +echo json_encode($result); diff --git a/web/api/v1/edit/firewall/index.php b/web/api/v1/edit/firewall/index.php new file mode 100644 index 000000000..37c9e9cc3 --- /dev/null +++ b/web/api/v1/edit/firewall/index.php @@ -0,0 +1,103 @@ + $_GET['rule'], + 'action' => $data[$v_rule]['ACTION'], + 'protocol' => $data[$v_rule]['PROTOCOL'], + 'port' => $data[$v_rule]['PORT'], + 'ip' => $data[$v_rule]['IP'], + 'comment' => $data[$v_rule]['COMMENT'], + 'date' => $data[$v_rule]['DATE'], + 'time' => $data[$v_rule]['TIME'], + 'suspended' => $data[$v_rule]['SUSPENDED'], + 'status' => $v_status, + 'actions' => [ __('DROP'), __('ACCEPT') ], + 'protocols' => [ __('TCP'), __('UDP'), __('ICMP') ], + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); 
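Review bot: In edit/dns/index.php `$result` lists `'domain'` twice (`'domain' => $v_domain,` followed by `'domain' => $_GET['domain'],`). PHP keeps the last entry, so the response always carries the raw query-string value and the first line is dead. Keep a single entry and, if the field is meant to name the zone that was actually loaded, take it from the looked-up record rather than from `$_GET`. The same duplication appears for `'quota'` in edit/mail/index.php later in this commit, where both entries hold `$v_quota` and one can simply be removed.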
diff --git a/web/api/v1/edit/ip/index.php b/web/api/v1/edit/ip/index.php new file mode 100644 index 000000000..006e89767 --- /dev/null +++ b/web/api/v1/edit/ip/index.php @@ -0,0 +1,124 @@ + $user, + 'ip' => $_GET['ip'], + 'netmask' => $data[$v_ip]['NETMASK'], + 'interface' => $data[$v_ip]['INTERFACE'], + 'name' => $data[$v_ip]['NAME'], + 'nat' => $data[$v_ip]['NAT'], + 'ipstatus' => $data[$v_ip]['STATUS'], + 'dedicated' => $v_dedicated, + 'owner' => $data[$v_ip]['OWNER'], + 'date' => $data[$v_ip]['DATE'], + 'time' => $data[$v_ip]['TIME'], + 'suspended' => $data[$v_ip]['SUSPENDED'], + 'status' => 'active', + 'users' => $users, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/mail/index.php b/web/api/v1/edit/mail/index.php new file mode 100644 index 000000000..47de71b33 --- /dev/null +++ b/web/api/v1/edit/mail/index.php @@ -0,0 +1,372 @@ + $data[$v_domain]['ANTISPAM'], + 'antivirus' => $data[$v_domain]['ANTIVIRUS'], + 'dkim' => $data[$v_domain]['DKIM'], + 'catchall' => $data[$v_domain]['CATCHALL'], + 'status' => $v_status, + 'username' => $user, + 'domain' => $v_domain, + 'account' => $v_account, + 'password' => $v_password, + 'aliases' => $v_aliases, + 'valiases' => $valiases, + 'fwd' => $v_fwd, + 'vfwd' => $vfwd, + 'fwd_only' => $v_fwd_only, + 'quota' => $v_quota, + 'autoreply' => $v_autoreply, + 'quota' => $v_quota, + 'date' => $v_date, + 'time' => $v_time, + 'send_email' => $v_send_email, + 'credentials' => $v_credentials, + 'webmail' => $webmail, + 'hostname' => $hostname, + 'autoreply_message' => $v_autoreply_message, + 'v_suspended' => $v_suspended, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); 
diff --git a/web/api/v1/edit/package/index.php b/web/api/v1/edit/package/index.php new file mode 100644 index 000000000..c16ef4bdb --- /dev/null +++ b/web/api/v1/edit/package/index.php 
@@ -0,0 +1,270 @@
+ $error) {
+ if ( $i == 0 ) {
+ $error_msg = $error;
+ } else {
+ $error_msg = $error_msg.", ".$error;
+ }
+ }
+ $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
+ }
+
+ // Protect input
+ $v_package = escapeshellarg($_POST['v_package']);
+ $v_web_template = escapeshellarg($_POST['v_web_template']);
+ if (!empty($_SESSION['WEB_BACKEND'])) {
+ $v_backend_template = escapeshellarg($_POST['v_backend_template']);
+ }
+ if (!empty($_SESSION['PROXY_SYSTEM'])) {
+ $v_proxy_template = escapeshellarg($_POST['v_proxy_template']);
+ }
+ $v_dns_template = escapeshellarg($_POST['v_dns_template']);
+ $v_shell = escapeshellarg($_POST['v_shell']);
+ $v_web_domains = escapeshellarg($_POST['v_web_domains']);
+ $v_web_aliases = escapeshellarg($_POST['v_web_aliases']);
+ $v_dns_domains = escapeshellarg($_POST['v_dns_domains']);
+ $v_dns_records = escapeshellarg($_POST['v_dns_records']);
+ $v_mail_domains = escapeshellarg($_POST['v_mail_domains']);
+ $v_mail_accounts = escapeshellarg($_POST['v_mail_accounts']);
+ $v_databases = escapeshellarg($_POST['v_databases']);
+ $v_cron_jobs = escapeshellarg($_POST['v_cron_jobs']);
+ $v_backups = escapeshellarg($_POST['v_backups']);
+ $v_disk_quota = escapeshellarg($_POST['v_disk_quota']);
+ $v_bandwidth = escapeshellarg($_POST['v_bandwidth']);
+ $v_ns1 = trim($_POST['v_ns1'], '.');
+ $v_ns2 = trim($_POST['v_ns2'], '.');
+ $v_ns3 = trim($_POST['v_ns3'], '.');
+ $v_ns4 = trim($_POST['v_ns4'], '.');
+ $v_ns5 = trim($_POST['v_ns5'], '.');
+ $v_ns6 = trim($_POST['v_ns6'], '.');
+ $v_ns7 = trim($_POST['v_ns7'], '.');
+ $v_ns8 = trim($_POST['v_ns8'], '.');
+ $v_ns = $v_ns1.",".$v_ns2;
+ if (!empty($v_ns3)) $v_ns .= ",".$v_ns3;
+ if (!empty($v_ns4)) $v_ns .= ",".$v_ns4;
+ if (!empty($v_ns5)) $v_ns .= ",".$v_ns5;
+ if (!empty($v_ns6)) $v_ns .= ",".$v_ns6;
+ if (!empty($v_ns7)) $v_ns .= ",".$v_ns7;
+ if (!empty($v_ns8)) $v_ns .= ",".$v_ns8;
+ $v_ns = escapeshellarg($v_ns);
+ $v_time = escapeshellarg(date('H:i:s'));
+ $v_date = escapeshellarg(date('Y-m-d'));
+
+ // Create temprorary directory
+ exec ('mktemp -d', $output, $return_var);
+ $tmpdir = $output[0];
+ unset($output);
+
+ // Save package file on a fs
+ $pkg = "WEB_TEMPLATE=".$v_web_template."\n";
+ $pkg .= "BACKEND_TEMPLATE=".$v_backend_template."\n";
+ $pkg .= "PROXY_TEMPLATE=".$v_proxy_template."\n";
+ $pkg .= "DNS_TEMPLATE=".$v_dns_template."\n";
+ $pkg .= "WEB_DOMAINS=".$v_web_domains."\n";
+ $pkg .= "WEB_ALIASES=".$v_web_aliases."\n";
+ $pkg .= "DNS_DOMAINS=".$v_dns_domains."\n";
+ $pkg .= "DNS_RECORDS=".$v_dns_records."\n";
+ $pkg .= "MAIL_DOMAINS=".$v_mail_domains."\n";
+ $pkg .= "MAIL_ACCOUNTS=".$v_mail_accounts."\n";
+ $pkg .= "DATABASES=".$v_databases."\n";
+ $pkg .= "CRON_JOBS=".$v_cron_jobs."\n";
+ $pkg .= "DISK_QUOTA=".$v_disk_quota."\n";
+ $pkg .= "BANDWIDTH=".$v_bandwidth."\n";
+ $pkg .= "NS=".$v_ns."\n";
+ $pkg .= "SHELL=".$v_shell."\n";
+ $pkg .= "BACKUPS=".$v_backups."\n";
+ $pkg .= "TIME=".$v_time."\n";
+ $pkg .= "DATE=".$v_date."\n";
+ $fp = fopen($tmpdir."/".$_POST['v_package'].".pkg", 'w');
+ fwrite($fp, $pkg);
+ fclose($fp);
+
+ // Save changes
+ exec (VESTA_CMD."v-add-user-package ".$tmpdir." ".$v_package." yes", $output, $return_var);
+ check_return_code($return_var,$output);
+ unset($output);
+
+ // Remove temporary dir
+ exec ('rm -rf '.$tmpdir, $output, $return_var);
+ unset($output);
+
+ // Propogate new package
+ exec (VESTA_CMD."v-update-user-package ".$v_package." json", $output, $return_var);
+ check_return_code($return_var,$output);
+ unset($output);
+
+ // Set success message
+ if (empty($_SESSION['error_msg'])) {
+ $_SESSION['ok_msg'] = __('Changes has been saved.');
+ }
+}
+
+$result = array(
+ 'package' => $_GET['package'],
+ 'web_template' => $data[$v_package]['WEB_TEMPLATE'],
+ 'backend_template' => $data[$v_package]['BACKEND_TEMPLATE'],
+ 'proxy_template' => $data[$v_package]['PROXY_TEMPLATE'],
+ 'dns_template' => $data[$v_package]['DNS_TEMPLATE'],
+ 'web_domains' => $data[$v_package]['WEB_DOMAINS'],
+ 'web_aliases' => $data[$v_package]['WEB_ALIASES'],
+ 'dns_domains' => $data[$v_package]['DNS_DOMAINS'],
+ 'dns_records' => $data[$v_package]['DNS_RECORDS'],
+ 'mail_domains' => $data[$v_package]['MAIL_DOMAINS'],
+ 'mail_accounts' => $data[$v_package]['MAIL_ACCOUNTS'],
+ 'databases' => $data[$v_package]['DATABASES'],
+ 'cron_jobs' => $data[$v_package]['CRON_JOBS'],
+ 'disk_quota' => $data[$v_package]['DISK_QUOTA'],
+ 'bandwidth' => $data[$v_package]['BANDWIDTH'],
+ 'shell' => $data[$v_package]['SHELL'],
+ 'ns' => $data[$v_package]['NS'],
+ 'nameservers' => explode(",", $v_ns),
+ 'ns1' => $nameservers[0],
+ 'ns2' => $nameservers[1],
+ 'ns3' => $nameservers[2],
+ 'ns4' => $nameservers[3],
+ 'ns5' => $nameservers[4],
+ 'ns6' => $nameservers[5],
+ 'ns7' => $nameservers[6],
+ 'ns8' => $nameservers[7],
+ 'backups' => $data[$v_package]['BACKUPS'],
+ 'date' => $data[$v_package]['DATE'],
+ 'time' => $data[$v_package]['TIME'],
+ 'status' => $v_status,
+ 'web_templates' => $web_templates,
+ 'backend_templates' => $backend_templates,
+ 'proxy_templates' => $proxy_templates,
+ 'dns_templates' => $dns_templates,
+ 'shells' => $shells,
+ 'web_system' => $_SESSION['WEB_SYSTEM'],
+ 'web_backend' => $_SESSION['WEB_BACKEND'],
+ 'proxy_system' => $_SESSION['PROXY_SYSTEM'],
+ 'dns_system' => $_SESSION['DNS_SYSTEM']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
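Review bot: The package file path in edit/package/index.php is built from the raw request value, `fopen($tmpdir."/".$_POST['v_package'].".pkg", 'w')`, while only the copy passed to the shell goes through `escapeshellarg()`, so a name containing `/` or `..` makes the write land outside the `mktemp -d` directory. Constrain the name before it reaches the filesystem, for example `$fp = fopen($tmpdir."/".basename($_POST['v_package']).".pkg", 'w');`, and reject the request when `$fp === false`. The result of `mktemp -d` is also used unchecked: if it fails, `$tmpdir` is empty, the file is written relative to `/`, and `exec ('rm -rf '.$tmpdir, ...)` runs with no argument, so test `$return_var` and `$tmpdir` before continuing. The top of this file is missing from the page, so whether an earlier check already restricts the package name cannot be confirmed from here.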
diff --git a/web/api/v1/edit/server/apache2/index.php b/web/api/v1/edit/server/apache2/index.php
new file mode 100644
index 000000000..e23a31f57
--- /dev/null
+++ b/web/api/v1/edit/server/apache2/index.php
@@ -0,0 +1,66 @@
+ $v_config_path,
+ 'service_name' => $v_service_name,
+ 'config' => $v_config,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
diff --git a/web/api/v1/edit/server/bind9/index.php b/web/api/v1/edit/server/bind9/index.php
new file mode 100644
index 000000000..4fff011db
--- /dev/null
+++ b/web/api/v1/edit/server/bind9/index.php
@@ -0,0 +1,82 @@
+ $v_options_path,
+ 'config_path' => $v_config_path,
+ 'service_name' => $v_service_name,
+ 'options' => $v_options,
+ 'config' => $v_config,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
diff --git a/web/api/v1/edit/server/clamd/index.php b/web/api/v1/edit/server/clamd/index.php
new file mode 100644
index 000000000..fef8c95b3
--- /dev/null
+++ b/web/api/v1/edit/server/clamd/index.php
@@ -0,0 +1,65 @@
+ $v_config_path,
+ 'service_name' => $v_service_name,
+ 'config' => $v_config,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
\ No newline at end of file
diff --git a/web/api/v1/edit/server/cron/index.php b/web/api/v1/edit/server/cron/index.php
new file mode 100644
index 000000000..02f5a6c64
--- /dev/null
+++ b/web/api/v1/edit/server/cron/index.php
@@ -0,0 +1,65 @@
+ $v_config_path,
+ 'service_name' => $v_service_name,
+ 'config' => $v_config,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
\ No newline at end of file
diff --git a/web/api/v1/edit/server/crond/index.php b/web/api/v1/edit/server/crond/index.php
new file mode 100644
index 000000000..9ef8f54dc
--- /dev/null
+++ b/web/api/v1/edit/server/crond/index.php
@@ -0,0 +1,65 @@
+ $v_config_path,
+ 'service_name' => $v_service_name,
+ 'config' => $v_config,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
diff --git a/web/api/v1/edit/server/dovecot/index.php b/web/api/v1/edit/server/dovecot/index.php
new file mode 100644
index 000000000..198bd28a2
--- /dev/null
+++ b/web/api/v1/edit/server/dovecot/index.php
@@ -0,0 +1,206 @@
+ $v_config_path,
+ 'config_path1' => $v_config_path1,
+ 'config_path2' => $v_config_path2,
+ 'config_path3' => $v_config_path3,
+ 'config_path4' => $v_config_path4,
+ 'config_path5' => $v_config_path5,
+ 'config_path6' => $v_config_path6,
+ 'config_path7' => $v_config_path7,
+ 'config_path8' => $v_config_path8,
+ 'service_name' => $v_service_name,
+ 'config' => $config,
+ 'config1' => $config1,
+ 'config2' => $config2,
+ 'config3' => $config3,
+ 'config4' => $config4,
+ 'config5' => $config5,
+ 'config6' => $config6,
+ 'config7' => $config7,
+ 'config8' => $config8,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
diff --git a/web/api/v1/edit/server/exim/index.php b/web/api/v1/edit/server/exim/index.php
new file mode 100644
index 000000000..aa267feac
--- /dev/null
+++ b/web/api/v1/edit/server/exim/index.php
@@ -0,0 +1,65 @@
+ $v_config_path,
+ 'service_name' => $v_service_name,
+ 'config' => $v_config,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
diff --git a/web/api/v1/edit/server/exim4/index.php b/web/api/v1/edit/server/exim4/index.php
new file mode 100644
index 000000000..84b2bd50e
--- /dev/null
+++ b/web/api/v1/edit/server/exim4/index.php
@@ -0,0 +1,65 @@
+ $v_config_path,
+ 'service_name' => $v_service_name,
+ 'config' => $v_config,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
\ No newline at end of file
diff --git a/web/api/v1/edit/server/fail2ban/index.php b/web/api/v1/edit/server/fail2ban/index.php
new file mode 100644
index 000000000..fa7cf38c4
--- /dev/null
+++ b/web/api/v1/edit/server/fail2ban/index.php
@@ -0,0 +1,65 @@
+ $v_config_path,
+ 'service_name' => $v_service_name,
+ 'config' => $v_config,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
\ No newline at end of file
diff --git a/web/api/v1/edit/server/httpd/index.php b/web/api/v1/edit/server/httpd/index.php
new file mode 100644
index 000000000..8af419d2d
--- /dev/null
+++ b/web/api/v1/edit/server/httpd/index.php
@@ -0,0 +1,64 @@
+ '/etc/httpd/conf/httpd.conf',
+ 'service_name' => $v_service_name,
+ 'config' => $v_config,
+ 'error_msg' => $_SESSION['error_msg'],
+ 'ok_msg' => $_SESSION['ok_msg']
+);
+
+echo json_encode($result);
+
+// Flush session messages
+unset($_SESSION['error_msg']);
+unset($_SESSION['ok_msg']);
\ No newline at end of file
diff --git a/web/api/v1/edit/server/index.php b/web/api/v1/edit/server/index.php
new file mode 100644
index 000000000..d52595256
--- /dev/null
+++ b/web/api/v1/edit/server/index.php
@@ -0,0 +1,698 @@ + $value) { + $v_dns_cluster = 'yes'; +} + +// List Database hosts +exec (VESTA_CMD."v-list-database-hosts json", $output, $return_var); +$db_hosts = json_decode(implode('', $output), true); +unset($output); +$v_mysql_hosts = array_values(array_filter($db_hosts, function($host){return $host['TYPE'] === 'mysql';})); +$v_mysql = count($v_mysql_hosts) ? 'yes' : 'no'; +$v_pgsql_hosts = array_values(array_filter($db_hosts, function($host){return $host['TYPE'] === 'pgsql';})); +$v_pgsql = count($v_pgsql_hosts) ? 'yes' : 'no'; +unset($db_hosts); + +// List backup settings +$v_backup_dir = "/backup"; +if (!empty($_SESSION['BACKUP'])) $v_backup_dir = $_SESSION['BACKUP']; +$v_backup_gzip = '5'; +if (!empty($_SESSION['BACKUP_GZIP'])) $v_backup_gzip = $_SESSION['BACKUP_GZIP']; +$backup_types = explode(",",$_SESSION['BACKUP_SYSTEM']); +foreach ($backup_types as $backup_type) { + if ($backup_type == 'local') { + $v_backup = 'yes'; + } else { + exec (VESTA_CMD."v-list-backup-host ".$backup_type. 
" json", $output, $return_var); + $v_remote_backup = json_decode(implode('', $output), true); + unset($output); + $v_backup_host = $v_remote_backup[$backup_type]['HOST']; + $v_backup_type = $v_remote_backup[$backup_type]['TYPE']; + $v_backup_username = $v_remote_backup[$backup_type]['USERNAME']; + $v_backup_password = ""; + $v_backup_port = $v_remote_backup[$backup_type]['PORT']; + $v_backup_bpath = $v_remote_backup[$backup_type]['BPATH']; + } +} + +// List ssl web domains +exec (VESTA_CMD."v-search-ssl-certificates json", $output, $return_var); +$v_ssl_domains = json_decode(implode('', $output), true); +//$v_vesta_certificate +unset($output); + +// List ssl certificate info +exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); +$v_sys_ssl_str = json_decode(implode('', $output), true); +unset($output); +$v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT']; +$v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY']; +$v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA']; +$v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT']; +$v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES']; +$v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE']; +$v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER']; +$v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE']; +$v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY']; +$v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER']; + +// List mail ssl certificate info +if (!empty($_SESSION['VESTA_CERTIFICATE'])); { + exec (VESTA_CMD."v-list-sys-mail-ssl json", $output, $return_var); + $v_mail_ssl_str = json_decode(implode('', $output), true); + unset($output); + $v_mail_ssl_crt = $v_mail_ssl_str['MAIL']['CRT']; + $v_mail_ssl_key = $v_mail_ssl_str['MAIL']['KEY']; + $v_mail_ssl_ca = $v_mail_ssl_str['MAIL']['CA']; + $v_mail_ssl_subject = $v_mail_ssl_str['MAIL']['SUBJECT']; + $v_mail_ssl_aliases = $v_mail_ssl_str['MAIL']['ALIASES']; + $v_mail_ssl_not_before = $v_mail_ssl_str['MAIL']['NOT_BEFORE']; + $v_mail_ssl_not_after = 
$v_mail_ssl_str['MAIL']['NOT_AFTER']; + $v_mail_ssl_signature = $v_mail_ssl_str['MAIL']['SIGNATURE']; + $v_mail_ssl_pub_key = $v_mail_ssl_str['MAIL']['PUB_KEY']; + $v_mail_ssl_issuer = $v_mail_ssl_str['MAIL']['ISSUER']; +} + +// Check POST request +if (!empty($_POST['save'])) { + + // Check token + if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) { + exit(); + } + + // Change hostname + if ((!empty($_POST['v_hostname'])) && ($v_hostname != $_POST['v_hostname'])) { + exec (VESTA_CMD."v-change-sys-hostname ".escapeshellarg($_POST['v_hostname']), $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_hostname = $_POST['v_hostname']; + } + + // Change timezone + if (empty($_SESSION['error_msg'])) { + if (!empty($_POST['v_timezone'])) { + $v_tz = $_POST['v_timezone']; + if ($v_tz == 'UTC' ) $v_tz = 'Etc/UTC'; + if ($v_tz == 'HAST' ) $v_tz = 'Pacific/Honolulu'; + if ($v_tz == 'HADT' ) $v_tz = 'US/Aleutian'; + if ($v_tz == 'AKST' ) $v_tz = 'Etc/GMT+9'; + if ($v_tz == 'AKDT' ) $v_tz = 'America/Anchorage'; + if ($v_tz == 'PST' ) $v_tz = 'America/Dawson_Creek'; + if ($v_tz == 'PDT' ) $v_tz = 'PST8PDT'; + if ($v_tz == 'MDT' ) $v_tz = 'MST7MDT'; + if ($v_tz == 'CST' ) $v_tz = 'Canada/Saskatchewan'; + if ($v_tz == 'CDT' ) $v_tz = 'CST6CDT'; + if ($v_tz == 'EDT' ) $v_tz = 'EST5EDT'; + if ($v_tz == 'AST' ) $v_tz = 'America/Puerto_Rico'; + if ($v_tz == 'ADT' ) $v_tz = 'America/Halifax'; + + if ($v_timezone != $v_tz) { + exec (VESTA_CMD."v-change-sys-timezone ".escapeshellarg($v_tz), $output, $return_var); + check_return_code($return_var,$output); + $v_timezone = $v_tz; + unset($output); + } + } + } + + // Change default language + if (empty($_SESSION['error_msg'])) { + if ((!empty($_POST['v_language'])) && ($_SESSION['LANGUAGE'] != $_POST['v_language'])) { + exec (VESTA_CMD."v-change-sys-language ".escapeshellarg($_POST['v_language']), $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if 
(empty($_SESSION['error_msg'])) $_SESSION['LANGUAGE'] = $_POST['v_language']; + } + } + + // Set disk_quota support + if (empty($_SESSION['error_msg'])) { + if ((!empty($_POST['v_quota'])) && ($_SESSION['DISK_QUOTA'] != $_POST['v_quota'])) { + if($_POST['v_quota'] == 'yes') { + exec (VESTA_CMD."v-add-sys-quota", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $_SESSION['DISK_QUOTA'] = 'yes'; + } else { + exec (VESTA_CMD."v-delete-sys-quota", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $_SESSION['DISK_QUOTA'] = 'no'; + } + } + } + + // Set firewall support + if (empty($_SESSION['error_msg'])) { + if ($_SESSION['FIREWALL_SYSTEM'] == 'iptables') $v_firewall = 'yes'; + if ($_SESSION['FIREWALL_SYSTEM'] != 'iptables') $v_firewall = 'no'; + if ((!empty($_POST['v_firewall'])) && ($v_firewall != $_POST['v_firewall'])) { + if($_POST['v_firewall'] == 'yes') { + exec (VESTA_CMD."v-add-sys-firewall", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $_SESSION['FIREWALL_SYSTEM'] = 'iptables'; + } else { + exec (VESTA_CMD."v-delete-sys-firewall", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $_SESSION['FIREWALL_SYSTEM'] = ''; + } + } + } + + // Update mysql pasword + if (empty($_SESSION['error_msg'])) { + if (!empty($_POST['v_mysql_password'])) { + exec (VESTA_CMD."v-change-database-host-password mysql localhost root ".escapeshellarg($_POST['v_mysql_password']), $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_db_adv = 'yes'; + } + } + + + // Delete Mail Domain SSL certificate + if ((!isset($_POST['v_mail_ssl_domain_checkbox'])) && (!empty($_SESSION['MAIL_CERTIFICATE'])) && (empty($_SESSION['error_msg']))) { + unset($_SESSION['MAIL_CERTIFICATE']); + exec 
(VESTA_CMD."v-delete-sys-mail-ssl", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Updating Mail Domain SSL certificate + if ((isset($_POST['v_mail_ssl_domain_checkbox'])) && (isset($_POST['v_mail_ssl_domain'])) && (empty($_SESSION['error_msg']))) { + if ((!empty($_POST['v_mail_ssl_domain'])) && ($_POST['v_mail_ssl_domain'] != $_SESSION['MAIL_CERTIFICATE'])) { + $v_mail_ssl_str = explode(":", $_POST['v_mail_ssl_domain']); + $v_mail_ssl_user = escapeshellarg($v_mail_ssl_str[0]); + $v_mail_ssl_domain = escapeshellarg($v_mail_ssl_str[1]); + exec (VESTA_CMD."v-add-sys-mail-ssl ".$v_mail_ssl_user." ".$v_mail_ssl_domain, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + unset($v_mail_ssl_str); + + if (empty($_SESSION['error_msg'])) { + $_SESSION['MAIL_CERTIFICATE'] = $_POST['v_mail_ssl_domain']; + + // List SSL certificate info + exec (VESTA_CMD."v-list-sys-mail-ssl json", $output, $return_var); + $v_mail_ssl_str = json_decode(implode('', $output), true); + unset($output); + $v_mail_ssl_crt = $v_mail_ssl_str['MAIL']['CRT']; + $v_mail_ssl_key = $v_mail_ssl_str['MAIL']['KEY']; + $v_mail_ssl_ca = $v_mail_ssl_str['MAIL']['CA']; + $v_mail_ssl_subject = $v_mail_ssl_str['MAIL']['SUBJECT']; + $v_mail_ssl_aliases = $v_mail_ssl_str['MAIL']['ALIASES']; + $v_mail_ssl_not_before = $v_mail_ssl_str['MAIL']['NOT_BEFORE']; + $v_mail_ssl_not_after = $v_mail_ssl_str['MAIL']['NOT_AFTER']; + $v_mail_ssl_signature = $v_mail_ssl_str['MAIL']['SIGNATURE']; + $v_mail_ssl_pub_key = $v_mail_ssl_str['MAIL']['PUB_KEY']; + $v_mail_ssl_issuer = $v_mail_ssl_str['MAIL']['ISSUER']; + } + } + } + + // Update webmail url + if (empty($_SESSION['error_msg'])) { + if ($_POST['v_mail_url'] != $_SESSION['MAIL_URL']) { + exec (VESTA_CMD."v-change-sys-config-value MAIL_URL ".escapeshellarg($_POST['v_mail_url']), $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_mail_adv = 'yes'; + } + } + + // 
Update phpMyAdmin url + if (empty($_SESSION['error_msg'])) { + if ($_POST['v_mysql_url'] != $_SESSION['DB_PMA_URL']) { + exec (VESTA_CMD."v-change-sys-config-value DB_PMA_URL ".escapeshellarg($_POST['v_mysql_url']), $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_db_adv = 'yes'; + } + } + + // Update phpPgAdmin url + if (empty($_SESSION['error_msg'])) { + if ($_POST['v_pgsql_url'] != $_SESSION['DB_PGA_URL']) { + exec (VESTA_CMD."v-change-sys-config-value DB_PGA_URL ".escapeshellarg($_POST['v_pgsql_url']), $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_db_adv = 'yes'; + } + } + + // Disable local backup + if (empty($_SESSION['error_msg'])) { + if (($_POST['v_backup'] == 'no') && ($v_backup == 'yes' )) { + exec (VESTA_CMD."v-delete-backup-host local", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $v_backup = 'no'; + $v_backup_adv = 'yes'; + } + } + + // Enable local backups + if (empty($_SESSION['error_msg'])) { + if (($_POST['v_backup'] == 'yes') && ($v_backup != 'yes' )) { + exec (VESTA_CMD."v-add-backup-host local", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $v_backup = 'yes'; + $v_backup_adv = 'yes'; + } + } + + // Change backup gzip level + if (empty($_SESSION['error_msg'])) { + if ($_POST['v_backup_gzip'] != $v_backup_gzip ) { + exec (VESTA_CMD."v-change-sys-config-value BACKUP_GZIP ".escapeshellarg($_POST['v_backup_gzip']), $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $v_backup_gzip = $_POST['v_backup_gzip']; + $v_backup_adv = 'yes'; + } + } + + // Change backup path + if (empty($_SESSION['error_msg'])) { + if ($_POST['v_backup_dir'] != $v_backup_dir ) { + exec (VESTA_CMD."v-change-sys-config-value BACKUP ".escapeshellarg($_POST['v_backup_dir']), $output, 
$return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $v_backup_dir = $_POST['v_backup_dir']; + $v_backup_adv = 'yes'; + } + } + + // Add remote backup host + if (empty($_SESSION['error_msg'])) { + if ((!empty($_POST['v_backup_host'])) && (empty($v_backup_host))) { + $v_backup_host = escapeshellarg($_POST['v_backup_host']); + $v_backup_type = escapeshellarg($_POST['v_backup_type']); + $v_backup_username = escapeshellarg($_POST['v_backup_username']); + $v_backup_password = escapeshellarg($_POST['v_backup_password']); + $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']); + exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host ." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host']; + if (empty($_SESSION['error_msg'])) $v_backup_type = $_POST['v_backup_type']; + if (empty($_SESSION['error_msg'])) $v_backup_username = $_POST['v_backup_username']; + if (empty($_SESSION['error_msg'])) $v_backup_password = $_POST['v_backup_password']; + if (empty($_SESSION['error_msg'])) $v_backup_bpath = $_POST['v_backup_bpath']; + $v_backup_new = 'yes'; + $v_backup_adv = 'yes'; + $v_backup_remote_adv = 'yes'; + } + } + + // Change remote backup host type + if (empty($_SESSION['error_msg'])) { + if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] != $v_backup_type)) { + exec (VESTA_CMD."v-delete-backup-host ". 
$v_backup_type, $output, $return_var); + unset($output); + + $v_backup_host = escapeshellarg($_POST['v_backup_host']); + $v_backup_type = escapeshellarg($_POST['v_backup_type']); + $v_backup_username = escapeshellarg($_POST['v_backup_username']); + $v_backup_password = escapeshellarg($_POST['v_backup_password']); + $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']); + exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host']; + if (empty($_SESSION['error_msg'])) $v_backup_type = $_POST['v_backup_type']; + if (empty($_SESSION['error_msg'])) $v_backup_username = $_POST['v_backup_username']; + if (empty($_SESSION['error_msg'])) $v_backup_password = $_POST['v_backup_password']; + if (empty($_SESSION['error_msg'])) $v_backup_bpath = $_POST['v_backup_bpath']; + $v_backup_adv = 'yes'; + $v_backup_remote_adv = 'yes'; + } + } + + // Change remote backup host + if (empty($_SESSION['error_msg'])) { + if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] == $v_backup_type) && (!isset($v_backup_new))) { + if (($_POST['v_backup_host'] != $v_backup_host) || ($_POST['v_backup_username'] != $v_backup_username) || ($_POST['v_backup_password'] != $v_backup_password) || ($_POST['v_backup_bpath'] != $v_backup_bpath)){ + $v_backup_host = escapeshellarg($_POST['v_backup_host']); + $v_backup_type = escapeshellarg($_POST['v_backup_type']); + $v_backup_username = escapeshellarg($_POST['v_backup_username']); + $v_backup_password = escapeshellarg($_POST['v_backup_password']); + $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']); + exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host." ".$v_backup_username." ".$v_backup_password." 
".$v_backup_bpath, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host']; + if (empty($_SESSION['error_msg'])) $v_backup_type = $_POST['v_backup_type']; + if (empty($_SESSION['error_msg'])) $v_backup_username = $_POST['v_backup_username']; + if (empty($_SESSION['error_msg'])) $v_backup_password = $_POST['v_backup_password']; + if (empty($_SESSION['error_msg'])) $v_backup_bpath = $_POST['v_backup_bpath']; + $v_backup_adv = 'yes'; + $v_backup_remote_adv = 'yes'; + } + } + } + + // Delete remote backup host + if (empty($_SESSION['error_msg'])) { + if ((empty($_POST['v_backup_host'])) && (!empty($v_backup_host))) { + exec (VESTA_CMD."v-delete-backup-host ". $v_backup_type, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) $v_backup_host = ''; + if (empty($_SESSION['error_msg'])) $v_backup_type = ''; + if (empty($_SESSION['error_msg'])) $v_backup_username = ''; + if (empty($_SESSION['error_msg'])) $v_backup_password = ''; + if (empty($_SESSION['error_msg'])) $v_backup_bpath = ''; + $v_backup_adv = ''; + $v_backup_remote_adv = ''; + } + } + + + + // Delete WEB Domain SSL certificate + if ((!isset($_POST['v_web_ssl_domain_checkbox'])) && (!empty($_SESSION['VESTA_CERTIFICATE'])) && (empty($_SESSION['error_msg']))) { + unset($_SESSION['VESTA_CERTIFICATE']); + exec (VESTA_CMD."v-delete-sys-vesta-ssl", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Updating WEB Domain SSL certificate + if ((isset($_POST['v_web_ssl_domain_checkbox'])) && (isset($_POST['v_web_ssl_domain'])) && (empty($_SESSION['error_msg']))) { + + if ((!empty($_POST['v_web_ssl_domain'])) && ($_POST['v_web_ssl_domain'] != $_SESSION['VESTA_CERTIFICATE'])) { + $v_web_ssl_str = explode(":", $_POST['v_web_ssl_domain']); + $v_web_ssl_user = escapeshellarg($v_web_ssl_str[0]); + $v_web_ssl_domain = 
escapeshellarg($v_web_ssl_str[1]); + exec (VESTA_CMD."v-add-sys-vesta-ssl ".$v_web_ssl_user." ".$v_web_ssl_domain, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + + if (empty($_SESSION['error_msg'])) { + $_SESSION['VESTA_CERTIFICATE'] = $_POST['v_web_ssl_domain']; + + // List SSL certificate info + exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); + $v_sys_ssl_str = json_decode(implode('', $output), true); + unset($output); + $v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT']; + $v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY']; + $v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA']; + $v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT']; + $v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES']; + $v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE']; + $v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER']; + $v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE']; + $v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY']; + $v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER']; + } + } + } + + + // Update SSL certificate + if ((!empty($_POST['v_sys_ssl_crt'])) && (empty($_POST['v_web_ssl_domain'])) && (empty($_SESSION['error_msg']))) { + if (($v_sys_ssl_crt != str_replace("\r\n", "\n", $_POST['v_sys_ssl_crt'])) || ($v_sys_ssl_key != str_replace("\r\n", "\n", $_POST['v_sys_ssl_key']))) { + exec ('mktemp -d', $mktemp_output, $return_var); + $tmpdir = $mktemp_output[0]; + + // Certificate + if (!empty($_POST['v_sys_ssl_crt'])) { + $fp = fopen($tmpdir."/certificate.crt", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_sys_ssl_crt'])); + fwrite($fp, "\n"); + fclose($fp); + } + + // Key + if (!empty($_POST['v_sys_ssl_key'])) { + $fp = fopen($tmpdir."/certificate.key", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_sys_ssl_key'])); + fwrite($fp, "\n"); + fclose($fp); + } + + exec (VESTA_CMD."v-change-sys-vesta-ssl ".$tmpdir, $output, $return_var); + check_return_code($return_var,$output); + 
unset($output); + + if (empty($_SESSION['error_msg'])) { + // List ssl certificate info + exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); + $v_sys_ssl_str = json_decode(implode('', $output), true); + unset($output); + $v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT']; + $v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY']; + $v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA']; + $v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT']; + $v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES']; + $v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE']; + $v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER']; + $v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE']; + $v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY']; + $v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER']; + } + } + } + + // Flush field values on success + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('Changes has been saved.'); + } + + // activating sftp licence + if (empty($_SESSION['error_msg'])) { + if($_SESSION['SFTPJAIL_KEY'] != $_POST['v_sftp_licence'] && $_POST['v_sftp'] == 'yes'){ + $module = 'sftpjail'; + $licence_key = escapeshellarg($_POST['v_sftp_licence']); + exec (VESTA_CMD."v-activate-vesta-license ".$module." ".$licence_key, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('Licence Activated'); + $_SESSION['SFTPJAIL_KEY'] = $_POST['v_sftp_licence']; + } + } + } + + // cancel sftp licence + if (empty($_SESSION['error_msg'])) { + if($_POST['v_sftp'] == 'cancel' && $_SESSION['SFTPJAIL_KEY']){ + $module = 'sftpjail'; + $licence_key = escapeshellarg($_SESSION['SFTPJAIL_KEY']); + exec (VESTA_CMD."v-deactivate-vesta-license ".$module." 
".$licence_key, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('Licence Deactivated'); + unset($_SESSION['SFTPJAIL_KEY']); + } + } + } + + // activating filemanager licence + if (empty($_SESSION['error_msg'])) { + if($_SESSION['FILEMANAGER_KEY'] != $_POST['v_filemanager_licence'] && $_POST['v_filemanager'] == 'yes'){ + $module = 'filemanager'; + $licence_key = escapeshellarg($_POST['v_filemanager_licence']); + exec (VESTA_CMD."v-activate-vesta-license ".$module." ".$licence_key, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('Licence Activated'); + $_SESSION['FILEMANAGER_KEY'] = $_POST['v_filemanager_licence']; + } + } + } + + // cancel filemanager licence + if (empty($_SESSION['error_msg'])) { + if($_POST['v_filemanager'] == 'cancel' && $_SESSION['FILEMANAGER_KEY']){ + $module = 'filemanager'; + $licence_key = escapeshellarg($_SESSION['FILEMANAGER_KEY']); + exec (VESTA_CMD."v-deactivate-vesta-license ".$module." 
".$licence_key, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('Licence Deactivated'); + unset($_SESSION['FILEMANAGER_KEY']); + } + } + } + + // activating softaculous + if (empty($_SESSION['error_msg'])) { + if($_SESSION['SOFTACULOUS'] != $_POST['v_softaculous'] && $_POST['v_softaculous'] == 'yes'){ + exec (VESTA_CMD."v-add-vesta-softaculous WEB", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('Softaculous Activated'); + $_SESSION['SOFTACULOUS'] = 'yes'; + } + } + } + + // disable softaculous + if (empty($_SESSION['error_msg'])) { + if($_SESSION['SOFTACULOUS'] != $_POST['v_softaculous'] && $_POST['v_softaculous'] == 'no'){ + exec (VESTA_CMD."v-delete-vesta-softaculous", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('Softaculous Disabled'); + $_SESSION['SOFTACULOUS'] = ''; + } + } + } + +} + +// Check system configuration +exec (VESTA_CMD . 
"v-list-sys-config json", $output, $return_var); +$data = json_decode(implode('', $output), true); +unset($output); + +$sys_arr = $data['config']; +foreach ($sys_arr as $key => $value) { + $_SESSION[$key] = $value; +} + + +// Render page +// render_page($user, $TAB, 'edit_server'); + +$result = array( + 'hostname' => $v_hostname, + 'timezones' => $v_timezones, + 'timezone' => $v_timezone, + 'languages' => $languages, + 'backup_adv' => $v_backup_adv, + 'backup_remote_adv' => $v_backup_remote_adv, + 'language' => $_SESSION['LANGUAGE'], + 'proxy_system' => $_SESSION['PROXY_SYSTEM'], + 'mail_system' => $_SESSION['MAIL_SYSTEM'], + 'antivirus_system' => $_SESSION['ANTIVIRUS_SYSTEM'], + 'antispam_system' => $_SESSION['ANTISPAM_SYSTEM'], + 'mail_url' => $_SESSION['MAIL_URL'], + 'pgsql_url' => $_SESSION['DB_PGA_URL'], + 'mail_certificate' => $_SESSION['MAIL_CERTIFICATE'], + 'db_pma_url' => $_SESSION['DB_PMA_URL'], + 'dns_system' => $_SESSION['DNS_SYSTEM'], + 'web_system' => $_SESSION['WEB_SYSTEM'], + 'softaculous' => $_SESSION['SOFTACULOUS'], + 'firewall_system' => $_SESSION['FIREWALL_SYSTEM'], + 'web_backend' => $_SESSION['WEB_BACKEND'], + 'version' => $_SESSION['VERSION'], + 'http_host' => $_SERVER['HTTP_HOST'], + 'fm_key' => $_SESSION['FILEMANAGER_KEY'], + 'fm_license_key' => $_GET['filemanager_licence_key'], + 'disk_quota' => $_SESSION['DISK_QUOTA'], + 'web_backend_pool' => $_SESSION['WEB_BACKEND_POOL'], + 'sftpjail_key' => $_SESSION['SFTPJAIL_KEY'], + 'lead' => $_GET['lead'] == 'sftp', + 'licence_key' => $_GET['sftp_licence_key'] != '' ? $_GET['sftp_licence_key'] : $_SESSION['SFTPJAIL_KEY'], + 'fm_licence_key_option' => $_GET['filemanager_licence_key'] != '' ? 
$_GET['filemanager_licence_key'] : $_SESSION['FILEMANAGER_KEY'], + 'vesta_certificate' => $_SESSION['VESTA_CERTIFICATE'], + 'yes_no_options' => [ __('no'), __('yes') ], + 'dns_cluster_options' => [ __('no'), __('yes') ], + 'postgre_sql_options' => [ __('no'), __('yes') ], + 'mysql_support_options' => [ __('no'), __('yes') ], + 'dns_cluster' => $dns_cluster, + 'v_dns_cluster' => $v_dns_cluster, + 'db_hosts' => $db_hosts, + 'mysql_hosts' => $v_mysql_hosts, + 'mysql' => $mysql, + 'pgsql_hosts' => $v_pgsql_hosts, + 'pgsql' => $v_pgsql, + 'protocols' => [ __('ftp'), __('sftp') ], + 'backup_dir' => $v_backup_dir, + 'backup_gzip' => $v_backup_gzip, + 'backup_types' => $backup_types, + 'backup' => $v_backup, + 'remote_backup' => $v_remote_backup, + 'backup_host' => $v_backup_host, + 'backup_type' => $v_backup_type, + 'backup_username' => $v_backup_username, + 'backup_password' => $v_backup_password, + 'backup_port' => $v_backup_port, + 'backup_bpath' => $v_backup_bpath, + 'ssl_domains' => $v_ssl_domains, + 'sys_ssl_crt' => $v_sys_ssl_str['VESTA']['CRT'], + 'sys_ssl_key' => $v_sys_ssl_str['VESTA']['KEY'], + 'sys_ssl_ca' => $v_sys_ssl_str['VESTA']['CA'], + 'sys_ssl_subject' => $v_sys_ssl_str['VESTA']['SUBJECT'], + 'sys_ssl_aliases' => $v_sys_ssl_str['VESTA']['ALIASES'], + 'sys_ssl_not_before' => $v_sys_ssl_str['VESTA']['NOT_BEFORE'], + 'sys_ssl_not_after' => $v_sys_ssl_str['VESTA']['NOT_AFTER'], + 'sys_ssl_signature' => $v_sys_ssl_str['VESTA']['SIGNATURE'], + 'sys_ssl_pub_key' => $v_sys_ssl_str['VESTA']['PUB_KEY'], + 'sys_ssl_issuer' => $v_sys_ssl_str['VESTA']['ISSUER'], + 'mail_ssl_crt' => $v_mail_ssl_str['MAIL']['CRT'], + 'mail_ssl_key' => $v_mail_ssl_str['MAIL']['KEY'], + 'mail_ssl_ca' => $v_mail_ssl_str['MAIL']['CA'], + 'mail_ssl_subject' => $v_mail_ssl_str['MAIL']['SUBJECT'], + 'mail_ssl_aliases' => $v_mail_ssl_str['MAIL']['ALIASES'], + 'mail_ssl_not_before' => $v_mail_ssl_str['MAIL']['NOT_BEFORE'], + 'mail_ssl_not_after' => $v_mail_ssl_str['MAIL']['NOT_AFTER'], + 
'mail_ssl_signature' => $v_mail_ssl_str['MAIL']['SIGNATURE'], + 'mail_ssl_pub_key' => $v_mail_ssl_str['MAIL']['PUB_KEY'], + 'mail_ssl_issuer' => $v_mail_ssl_str['MAIL']['ISSUER'], + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/server/iptables/index.php b/web/api/v1/edit/server/iptables/index.php new file mode 100644 index 000000000..ff3875f4d --- /dev/null +++ b/web/api/v1/edit/server/iptables/index.php @@ -0,0 +1,16 @@ + $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/edit/server/mariadb/index.php b/web/api/v1/edit/server/mariadb/index.php new file mode 100644 index 000000000..2766d14f1 --- /dev/null +++ b/web/api/v1/edit/server/mariadb/index.php @@ -0,0 +1,79 @@ + $v_max_user_connections, + 'max_connections' => $v_max_connections, + 'wait_timeout' => $v_wait_timeout, + 'interactive_timeout' => $v_interactive_timeout, + 'max_allowed_packet' => $v_max_allowed_packet, + 'config_path' => $v_config_path, + 'service_name' => $v_service_name, + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/edit/server/mysql/index.php b/web/api/v1/edit/server/mysql/index.php new file mode 100644 index 000000000..bbf15b682 --- /dev/null +++ b/web/api/v1/edit/server/mysql/index.php 
@@ -0,0 +1,79 @@ + $v_max_user_connections, + 'max_connections' => $v_max_connections, + 'wait_timeout' => $v_wait_timeout, + 'interactive_timeout' => $v_interactive_timeout, + 'max_allowed_packet' => $v_max_allowed_packet, + 'config_path' => $v_config_path, + 'service_name' => $v_service_name, + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/server/mysqld/index.php b/web/api/v1/edit/server/mysqld/index.php new file mode 100644 index 000000000..c63cb81ac --- /dev/null +++ b/web/api/v1/edit/server/mysqld/index.php @@ -0,0 +1,79 @@ + $v_max_user_connections, + 'max_connections' => $v_max_connections, + 'wait_timeout' => $v_wait_timeout, + 'interactive_timeout' => $v_interactive_timeout, + 'max_allowed_packet' => $v_max_allowed_packet, + 'config_path' => $v_config_path, + 'service_name' => $v_service_name, + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/edit/server/named/index.php b/web/api/v1/edit/server/named/index.php new file mode 100644 index 000000000..aa7d2ed88 --- /dev/null +++ b/web/api/v1/edit/server/named/index.php @@ -0,0 +1,65 @@ + $v_service_name, + 'config_path' => $v_config_path, + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/edit/server/nginx/index.php b/web/api/v1/edit/server/nginx/index.php new file mode 100644 index 000000000..2989975e9 --- /dev/null +++ b/web/api/v1/edit/server/nginx/index.php 
@@ -0,0 +1,89 @@ + $data['CONFIG']['worker_processes'], + 'worker_connections' => $data['CONFIG']['worker_connections'], + 'send_timeout' => $data['CONFIG']['send_timeout'], + 'proxy_connect_timeout' => $data['CONFIG']['proxy_connect_timeout'], + 'proxy_send_timeout' => $data['CONFIG']['proxy_send_timeout'], + 'proxy_read_timeout' => $data['CONFIG']['proxy_read_timeout'], + 'client_max_body_size' => $data['CONFIG']['client_max_body_size'], + 'gzip' => $data['CONFIG']['gzip'], + 'gzip_comp_level' => $data['CONFIG']['gzip_comp_level'], + 'charset' => $data['CONFIG']['charset'], + 'config_path' => $data['CONFIG']['config_path'], + 'service_name' => strtoupper('nginx'), + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/server/php-fpm/index.php b/web/api/v1/edit/server/php-fpm/index.php new file mode 100644 index 000000000..066c13bfe --- /dev/null +++ b/web/api/v1/edit/server/php-fpm/index.php @@ -0,0 +1,82 @@ + $data['CONFIG']['memory_limit'], + 'max_execution_time' => $data['CONFIG']['max_execution_time'], + 'max_input_time' => $data['CONFIG']['max_input_time'], + 'upload_max_filesize' => $data['CONFIG']['upload_max_filesize'], + 'post_max_size' => $data['CONFIG']['post_max_size'], + 'display_errors' => $data['CONFIG']['display_errors'], + 'error_reporting' => $data['CONFIG']['error_reporting'], + 'config_path' => $data['CONFIG']['config_path'], + 'web_system' => $_SESSION['WEB_SYSTEM'], + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/edit/server/php/index.php b/web/api/v1/edit/server/php/index.php new file mode 100644 index 000000000..4ad60e1bb 
--- /dev/null +++ b/web/api/v1/edit/server/php/index.php @@ -0,0 +1,82 @@ + $data['CONFIG']['memory_limit'], + 'max_execution_time' => $data['CONFIG']['max_execution_time'], + 'max_input_time' => $data['CONFIG']['max_input_time'], + 'upload_max_filesize' => $data['CONFIG']['upload_max_filesize'], + 'post_max_size' => $data['CONFIG']['post_max_size'], + 'display_errors' => $data['CONFIG']['display_errors'], + 'error_reporting' => $data['CONFIG']['error_reporting'], + 'config_path' => $data['CONFIG']['config_path'], + 'web_system' => $_SESSION['WEB_SYSTEM'], + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/server/php5-fpm/index.php b/web/api/v1/edit/server/php5-fpm/index.php new file mode 100644 index 000000000..066c13bfe --- /dev/null +++ b/web/api/v1/edit/server/php5-fpm/index.php @@ -0,0 +1,82 @@ + $data['CONFIG']['memory_limit'], + 'max_execution_time' => $data['CONFIG']['max_execution_time'], + 'max_input_time' => $data['CONFIG']['max_input_time'], + 'upload_max_filesize' => $data['CONFIG']['upload_max_filesize'], + 'post_max_size' => $data['CONFIG']['post_max_size'], + 'display_errors' => $data['CONFIG']['display_errors'], + 'error_reporting' => $data['CONFIG']['error_reporting'], + 'config_path' => $data['CONFIG']['config_path'], + 'web_system' => $_SESSION['WEB_SYSTEM'], + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/edit/server/postgresql/index.php b/web/api/v1/edit/server/postgresql/index.php new file mode 100644 index 000000000..c030cfb66 --- /dev/null +++ b/web/api/v1/edit/server/postgresql/index.php 
@@ -0,0 +1,87 @@ + $v_options_path, + 'config_path' => $v_config_path, + 'service_name' => $v_service_name, + 'options' => $v_options, + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/server/proftpd/index.php b/web/api/v1/edit/server/proftpd/index.php new file mode 100644 index 000000000..2f7c4d1e1 --- /dev/null +++ b/web/api/v1/edit/server/proftpd/index.php @@ -0,0 +1,65 @@ + $v_config_path, + 'service_name' => $v_service_name, + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/edit/server/spamassassin/index.php b/web/api/v1/edit/server/spamassassin/index.php new file mode 100644 index 000000000..ef12e5a73 --- /dev/null +++ b/web/api/v1/edit/server/spamassassin/index.php @@ -0,0 +1,65 @@ + $v_config_path, + 'service_name' => $v_service_name, + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/edit/server/spamd/index.php b/web/api/v1/edit/server/spamd/index.php new file mode 100644 index 000000000..accfd9a6f --- /dev/null +++ b/web/api/v1/edit/server/spamd/index.php @@ -0,0 +1,65 @@ + $v_config_path, + 'service_name' => $v_service_name, + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file 
diff --git a/web/api/v1/edit/server/vsftpd/index.php b/web/api/v1/edit/server/vsftpd/index.php new file mode 100644 index 000000000..83b10b703 --- /dev/null +++ b/web/api/v1/edit/server/vsftpd/index.php @@ -0,0 +1,65 @@ + $v_config_path, + 'service_name' => $v_service_name, + 'config' => $v_config, + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); \ No newline at end of file diff --git a/web/api/v1/edit/user/index.php b/web/api/v1/edit/user/index.php new file mode 100644 index 000000000..d2bf2733f --- /dev/null +++ b/web/api/v1/edit/user/index.php @@ -0,0 +1,218 @@ + '', + 'email' => $data[$v_username]['CONTACT'], + 'package' => $data[$v_username]['PACKAGE'], + 'language' => $data[$v_username]['LANGUAGE'], + 'fname' => $data[$v_username]['FNAME'], + 'lname' => $data[$v_username]['LNAME'], + 'shell' => $data[$v_username]['SHELL'], + 'nameservers' => $nameservers, + 'ns1' => $nameservers[0], + 'ns2' => $nameservers[1], + 'ns3' => $nameservers[2], + 'ns4' => $nameservers[3], + 'ns5' => $nameservers[4], + 'ns6' => $nameservers[5], + 'ns7' => $nameservers[6], + 'ns8' => $nameservers[7], + 'suspended' => $data[$v_username]['SUSPENDED'], + 'status' => $v_status, + 'time' => $data[$v_username]['TIME'], + 'date' => $data[$v_username]['DATE'], + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'], + 'packages' => $packages, + 'languages' => $languages, + 'shells' => $shells +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/edit/web/index.php b/web/api/v1/edit/web/index.php new file mode 100644 index 000000000..eb880edf6 --- /dev/null +++ b/web/api/v1/edit/web/index.php 
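Review bot: In `web/api/v1/edit/user/index.php` the result array reads `$nameservers[0]` through `$nameservers[7]` unconditionally. How `$nameservers` is built is not legible on this page, but if an account has fewer than eight name servers, each missing index raises a PHP notice, and with error display enabled that text lands in front of the JSON body. Defaulting each entry keeps the response well-formed, e.g. `'ns3' => isset($nameservers[2]) ? $nameservers[2] : '',`, the same `isset(...) ? ... : ''` form that edit/web uses for FTP paths.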
@@ -0,0 +1,810 @@ + $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } else { + exec ('mktemp -d', $mktemp_output, $return_var); + $tmpdir = $mktemp_output[0]; + + // Certificate + if (!empty($_POST['v_ssl_crt'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); + fclose($fp); + } + + // Key + if (!empty($_POST['v_ssl_key'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); + fclose($fp); + } + + // CA + if (!empty($_POST['v_ssl_ca'])) { + $fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w'); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); + fclose($fp); + } + exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." no", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_ssl = 'yes'; + $restart_web = 'yes'; + $restart_proxy = 'yes'; + + exec (VESTA_CMD."v-list-web-domain-ssl ".$user." ".$v_domain." 
json", $output, $return_var); + $ssl_str = json_decode(implode('', $output), true); + unset($output); + $v_ssl_crt = $ssl_str[$_POST['v_domain']]['CRT']; + $v_ssl_key = $ssl_str[$_POST['v_domain']]['KEY']; + $v_ssl_ca = $ssl_str[$_POST['v_domain']]['CA']; + $v_ssl_subject = $ssl_str[$_POST['v_domain']]['SUBJECT']; + $v_ssl_aliases = $ssl_str[$_POST['v_domain']]['ALIASES']; + $v_ssl_not_before = $ssl_str[$_POST['v_domain']]['NOT_BEFORE']; + $v_ssl_not_after = $ssl_str[$_POST['v_domain']]['NOT_AFTER']; + $v_ssl_signature = $ssl_str[$_POST['v_domain']]['SIGNATURE']; + $v_ssl_pub_key = $ssl_str[$_POST['v_domain']]['PUB_KEY']; + $v_ssl_issuer = $ssl_str[$_POST['v_domain']]['ISSUER']; + + // Cleanup certificate tempfiles + if (!empty($_POST['v_ssl_crt'])) unlink($tmpdir."/".$_POST['v_domain'].".crt"); + if (!empty($_POST['v_ssl_key'])) unlink($tmpdir."/".$_POST['v_domain'].".key"); + if (!empty($_POST['v_ssl_ca'])) unlink($tmpdir."/".$_POST['v_domain'].".ca"); + rmdir($tmpdir); + } + } + + + + // Delete web stats + if ((!empty($v_stats)) && ($_POST['v_stats'] == 'none') && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-delete-web-domain-stats ".$v_username." ".$v_domain, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_stats = ''; + } + + // Change web stats engine + if ((!empty($v_stats)) && ($_POST['v_stats'] != $v_stats) && (empty($_SESSION['error_msg']))) { + $v_stats = escapeshellarg($_POST['v_stats']); + exec (VESTA_CMD."v-change-web-domain-stats ".$v_username." ".$v_domain." ".$v_stats, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Add web stats + if ((empty($v_stats)) && ($_POST['v_stats'] != 'none') && (empty($_SESSION['error_msg']))) { + $v_stats = escapeshellarg($_POST['v_stats']); + exec (VESTA_CMD."v-add-web-domain-stats ".$v_username." ".$v_domain." 
".$v_stats, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Delete web stats authorization + if ((!empty($v_stats_user)) && (empty($_POST['v_stats_auth'])) && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-delete-web-domain-stats-user ".$v_username." ".$v_domain, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + $v_stats_user = ''; + $v_stats_password = ''; + } + + // Change web stats user or password + if ((empty($v_stats_user)) && (!empty($_POST['v_stats_auth'])) && (empty($_SESSION['error_msg']))) { + if (empty($_POST['v_stats_user'])) $errors[] = __('stats username'); + if (!empty($errors[0])) { + foreach ($errors as $i => $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } else { + $v_stats_user = escapeshellarg($_POST['v_stats_user']); + $v_stats_password = tempnam("/tmp","vst"); + $fp = fopen($v_stats_password, "w"); + fwrite($fp, $_POST['v_stats_password']."\n"); + fclose($fp); + exec (VESTA_CMD."v-add-web-domain-stats-user ".$v_username." ".$v_domain." ".$v_stats_user." 
".$v_stats_password, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + unlink($v_stats_password); + $v_stats_password = escapeshellarg($_POST['v_stats_password']); + } + } + + // Add web stats authorization + if ((!empty($v_stats_user)) && (!empty($_POST['v_stats_auth'])) && (empty($_SESSION['error_msg']))) { + if (empty($_POST['v_stats_user'])) $errors[] = __('stats user'); + if (!empty($errors[0])) { + foreach ($errors as $i => $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + if (($v_stats_user != $_POST['v_stats_user']) || (!empty($_POST['v_stats_password'])) && (empty($_SESSION['error_msg']))) { + $v_stats_user = escapeshellarg($_POST['v_stats_user']); + $v_stats_password = tempnam("/tmp","vst"); + $fp = fopen($v_stats_password, "w"); + fwrite($fp, $_POST['v_stats_password']."\n"); + fclose($fp); + exec (VESTA_CMD."v-add-web-domain-stats-user ".$v_username." ".$v_domain." ".$v_stats_user." 
".$v_stats_password, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + unlink($v_stats_password); + $v_stats_password = escapeshellarg($_POST['v_stats_password']); + } + } + + // Update ftp account + if (!empty($_POST['v_ftp_user'])) { + $v_ftp_users_updated = array(); + foreach ($_POST['v_ftp_user'] as $i => $v_ftp_user_data) { + if (empty($v_ftp_user_data['v_ftp_user'])) { + continue; + } + + $v_ftp_user_data['v_ftp_user'] = preg_replace("/^".$user."_/i", "", $v_ftp_user_data['v_ftp_user']); + if ($v_ftp_user_data['is_new'] == 1 && !empty($_POST['v_ftp'])) { + if ((!empty($v_ftp_user_data['v_ftp_email'])) && (!filter_var($v_ftp_user_data['v_ftp_email'], FILTER_VALIDATE_EMAIL))) $_SESSION['error_msg'] = __('Please enter valid email address.'); + if (empty($v_ftp_user_data['v_ftp_user'])) $errors[] = 'ftp user'; + if (!empty($errors[0])) { + foreach ($errors as $i => $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Add ftp account + $v_ftp_username = $v_ftp_user_data['v_ftp_user']; + $v_ftp_username_full = $user . '_' . $v_ftp_user_data['v_ftp_user']; + $v_ftp_user = escapeshellarg($v_ftp_username); + $v_ftp_path = escapeshellarg(trim($v_ftp_user_data['v_ftp_path'])); + if (empty($_SESSION['error_msg'])) { + $v_ftp_password = tempnam("/tmp","vst"); + $fp = fopen($v_ftp_password, "w"); + fwrite($fp, $v_ftp_user_data['v_ftp_password']."\n"); + fclose($fp); + exec (VESTA_CMD."v-add-web-domain-ftp ".$v_username." ".$v_domain." ".$v_ftp_user." ".$v_ftp_password . " " . 
$v_ftp_path, $output, $return_var); + check_return_code($return_var,$output); + if ((!empty($v_ftp_user_data['v_ftp_email'])) && (empty($_SESSION['error_msg']))) { + $to = $v_ftp_user_data['v_ftp_email']; + $subject = __("FTP login credentials"); + $hostname = exec('hostname'); + $from = __('MAIL_FROM',$hostname); + $mailtext = __('FTP_ACCOUNT_READY',$_GET['domain'],$user,$v_ftp_username,$v_ftp_user_data['v_ftp_password']); + send_email($to, $subject, $mailtext, $from); + unset($v_ftp_email); + } + unset($output); + unlink($v_ftp_password); + $v_ftp_password = escapeshellarg($v_ftp_user_data['v_ftp_password']); + } + + if ($return_var == 0) { + $v_ftp_password = ""; + $v_ftp_user_data['is_new'] = 0; + } + else { + $v_ftp_user_data['is_new'] = 1; + } + + $v_ftp_users_updated[] = array( + 'is_new' => empty($_SESSION['error_msg']) ? 0 : 1, + 'v_ftp_user' => $v_ftp_username_full, + 'v_ftp_password' => $v_ftp_password, + 'v_ftp_path' => $v_ftp_user_data['v_ftp_path'], + 'v_ftp_email' => $v_ftp_user_data['v_ftp_email'], + 'v_ftp_pre_path' => $v_ftp_user_prepath + ); + + continue; + } + + // Delete FTP account + if ($v_ftp_user_data['delete'] == 1) { + $v_ftp_username = $user . '_' . $v_ftp_user_data['v_ftp_user']; + exec (VESTA_CMD."v-delete-web-domain-ftp ".$v_username." ".$v_domain." ".$v_ftp_username, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + + continue; + } + + if (!empty($_POST['v_ftp'])) { + if (empty($v_ftp_user_data['v_ftp_user'])) $errors[] = __('ftp user'); + if (!empty($errors[0])) { + foreach ($errors as $i => $error) { + if ( $i == 0 ) { + $error_msg = $error; + } else { + $error_msg = $error_msg.", ".$error; + } + } + $_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg); + } + + // Change FTP account path + $v_ftp_username_for_emailing = $v_ftp_user_data['v_ftp_user']; + $v_ftp_username = $user . '_' . 
$v_ftp_user_data['v_ftp_user']; //preg_replace("/^".$user."_/", "", $v_ftp_user_data['v_ftp_user']); + $v_ftp_username = escapeshellarg($v_ftp_username); + $v_ftp_path = escapeshellarg(trim($v_ftp_user_data['v_ftp_path'])); + if(escapeshellarg(trim($v_ftp_user_data['v_ftp_path_prev'])) != $v_ftp_path) { + exec (VESTA_CMD."v-change-web-domain-ftp-path ".$v_username." ".$v_domain." ".$v_ftp_username." ".$v_ftp_path, $output, $return_var); + } + + // Change FTP account password + if (!empty($v_ftp_user_data['v_ftp_password'])) { + $v_ftp_password = tempnam("/tmp","vst"); + $fp = fopen($v_ftp_password, "w"); + fwrite($fp, $v_ftp_user_data['v_ftp_password']."\n"); + fclose($fp); + exec (VESTA_CMD."v-change-web-domain-ftp-password ".$v_username." ".$v_domain." ".$v_ftp_username." ".$v_ftp_password, $output, $return_var); + unlink($v_ftp_password); + + $to = $v_ftp_user_data['v_ftp_email']; + $subject = __("FTP login credentials"); + $hostname = exec('hostname'); + $from = __('MAIL_FROM',$hostname); + $mailtext = __('FTP_ACCOUNT_READY',$_GET['domain'],$user,$v_ftp_username_for_emailing,$v_ftp_user_data['v_ftp_password']); + send_email($to, $subject, $mailtext, $from); + unset($v_ftp_email); + } + check_return_code($return_var, $output); + unset($output); + + $v_ftp_users_updated[] = array( + 'is_new' => 0, + 'v_ftp_user' => $v_ftp_username, + 'v_ftp_password' => $v_ftp_user_data['v_ftp_password'], + 'v_ftp_path' => $v_ftp_user_data['v_ftp_path'], + 'v_ftp_email' => $v_ftp_user_data['v_ftp_email'], + 'v_ftp_pre_path' => $v_ftp_user_prepath + ); + } + } + } + + // Restart web server + if (!empty($restart_web) && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-restart-web", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Restart proxy server + if ((!empty($_SESSION['PROXY_SYSTEM'])) && !empty($restart_proxy) && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-restart-proxy", $output, $return_var); + 
check_return_code($return_var,$output); + unset($output); + } + + // Restart dns server + if (!empty($restart_dns) && (empty($_SESSION['error_msg']))) { + exec (VESTA_CMD."v-restart-dns", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Set success message + if (empty($_SESSION['error_msg'])) { + $_SESSION['ok_msg'] = __('Changes has been saved.'); + } + +} + + +$v_ftp_users_raw = explode(':', $v_ftp_user); +$v_ftp_users_paths_raw = explode(':', $data[$v_domain]['FTP_PATH']); +$v_ftp_users = array(); +foreach ($v_ftp_users_raw as $v_ftp_user_index => $v_ftp_user_val) { + if (empty($v_ftp_user_val)) { + continue; + } + $v_ftp_users[] = array( + 'is_new' => 0, + 'v_ftp_user' => $v_ftp_user_val, + 'v_ftp_password' => $v_ftp_password, + 'v_ftp_path' => (isset($v_ftp_users_paths_raw[$v_ftp_user_index]) ? $v_ftp_users_paths_raw[$v_ftp_user_index] : ''), + 'v_ftp_email' => $v_ftp_email, + 'v_ftp_pre_path' => $v_ftp_user_prepath + ); +} + +if (empty($v_ftp_users)) { + $v_ftp_user = null; + $v_ftp_users[] = array( + 'is_new' => 1, + 'v_ftp_user' => '', + 'v_ftp_password' => '', + 'v_ftp_path' => (isset($v_ftp_users_paths_raw[$v_ftp_user_index]) ? $v_ftp_users_paths_raw[$v_ftp_user_index] : ''), + 'v_ftp_email' => '', + 'v_ftp_pre_path' => $v_ftp_user_prepath + ); +} + +// set default pre path for newly created users +$v_ftp_pre_path_new_user = $v_ftp_user_prepath; +if (isset($v_ftp_users_updated)) { + $v_ftp_users = $v_ftp_users_updated; + if (empty($v_ftp_users_updated)) { + $v_ftp_user = null; + $v_ftp_users[] = array( + 'is_new' => 1, + 'v_ftp_user' => '', + 'v_ftp_password' => '', + 'v_ftp_path' => (isset($v_ftp_users_paths_raw[$v_ftp_user_index]) ? 
$v_ftp_users_paths_raw[$v_ftp_user_index] : ''), + 'v_ftp_email' => '', + 'v_ftp_pre_path' => $v_ftp_user_prepath + ); + } +} + +$result = array( + 'username' => $v_username, + 'domain' => $v_domain, + 'ip' => $v_ip, + 'template' => $v_template, + 'aliases' => $v_aliases, + 'valiases' => $valiases, + 'tpl' => $v_tpl, + 'elog' => $$v_elog, + 'ssl' => $v_ssl, + 'cgi' => $v_cgi, + 'ssl_crt' => $v_ssl_crt, + 'ssl_key' => $v_ssl_key, + 'ssl_ca' => $v_ssl_ca, + 'ssl_subject' => $v_ssl_subject, + 'ssl_aliases' => $v_ssl_aliases, + 'ssl_not_before' => $v_ssl_not_before, + 'ssl_not_after' => $v_ssl_not_after, + 'ssl_signature' => $v_ssl_signature, + 'ssl_pub_key' => $v_ssl_pub_key, + 'ssl_issuer' => $v_ssl_issuer, + 'letsencrypt' => $v_letsencrypt, + 'ssl_home' => $v_ssl_home, + 'backend_template' => $v_backend_template, + 'proxy' => $v_proxy, + 'proxy_template' => $v_proxy_template, + 'proxy_ext' => $v_proxy_ext, + 'v_stats' => $v_stats, + 'stats_user' => $v_stats_user, + 'ftp_user' => $v_ftp_user, + 'ftp_path' => $v_ftp_path, + 'ftp_password' => $v_ftp_password, + 'ftp_user_prepath' => $v_ftp_user_prepath, + 'ftp_email' => $v_ftp_email, + 'suspended' => $v_suspended, + 'status' => $v_status, + 'time' => $v_time, + 'date' => $v_date, + 'ips' => $ips, + 'prefixI18N' => __('Prefix will be automaticaly added to username',$user."_"), + 'ftp_users' => $v_ftp_users, + 'templates' => $templates, + 'backend_templates' => $backend_templates, + 'proxy_templates' => $proxy_templates, + 'stats' => $stats, + 'proxy_system' => $_SESSION['PROXY_SYSTEM'], + 'web_backend' => $_SESSION['WEB_BACKEND'], + 'web_system' => $_SESSION['WEB_SYSTEM'], + 'error_msg' => $_SESSION['error_msg'], + 'ok_msg' => $_SESSION['ok_msg'] +); + +echo json_encode($result); + +// Flush session messages +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/index.php b/web/api/v1/index.php new file mode 100644 index 000000000..80f72b99e --- /dev/null +++ b/web/api/v1/index.php 
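Review bot: In `web/api/v1/edit/web/index.php` the "Delete FTP account" branch passes `$v_ftp_username` to `exec()` unquoted although it is built from the posted `v_ftp_user` entry; the add and change branches of the same loop run it through `escapeshellarg()` first. I would set `$v_ftp_username = escapeshellarg($user . '_' . $v_ftp_user_data['v_ftp_user']);` before the `v-delete-web-domain-ftp` call. The certificate block has a related gap: `fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w')`, the `.key`/`.ca` writes and the matching `unlink()` calls take the file name straight from the request, so they should use a validated name such as `basename($_POST['v_domain'])`. In the result array, `'elog' => $$v_elog` is a variable-variable and looks like a typo for `$v_elog`. The top of this file is not legible on this page, so how `$user`, `$v_username` and `$v_domain` are prepared could not be checked.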
@@ -0,0 +1,125 @@ + 0 ) { + echo 'Error: authentication failed'; + exit; + } + } else { + $key = '/usr/local/vesta/data/keys/' . basename($_POST['hash']); + if (file_exists($key) && is_file($key)) { + exec(VESTA_CMD ."v-check-api-key ".escapeshellarg($key)." ".$v_ip, $output, $return_var); + unset($output); + + // Check API answer + if ( $return_var > 0 ) { + echo 'Error: authentication failed'; + exit; + } + } else { + $return_var = 1; + } + } + + if ( $return_var > 0 ) { + echo 'Error: authentication failed'; + exit; + } + + // Prepare arguments + if (isset($_POST['cmd'])) $cmd = escapeshellarg($_POST['cmd']); + if (isset($_POST['arg1'])) $arg1 = escapeshellarg($_POST['arg1']); + if (isset($_POST['arg2'])) $arg2 = escapeshellarg($_POST['arg2']); + if (isset($_POST['arg3'])) $arg3 = escapeshellarg($_POST['arg3']); + if (isset($_POST['arg4'])) $arg4 = escapeshellarg($_POST['arg4']); + if (isset($_POST['arg5'])) $arg5 = escapeshellarg($_POST['arg5']); + if (isset($_POST['arg6'])) $arg6 = escapeshellarg($_POST['arg6']); + if (isset($_POST['arg7'])) $arg7 = escapeshellarg($_POST['arg7']); + if (isset($_POST['arg8'])) $arg8 = escapeshellarg($_POST['arg8']); + if (isset($_POST['arg9'])) $arg9 = escapeshellarg($_POST['arg9']); + + // Build query + $cmdquery = VESTA_CMD.$cmd." "; + if(!empty($arg1)){ + $cmdquery = $cmdquery.$arg1." "; } + if(!empty($arg2)){ + $cmdquery = $cmdquery.$arg2." "; } + if(!empty($arg3)){ + $cmdquery = $cmdquery.$arg3." "; } + if(!empty($arg4)){ + $cmdquery = $cmdquery.$arg4." "; } + if(!empty($arg5)){ + $cmdquery = $cmdquery.$arg5." "; } + if(!empty($arg6)){ + $cmdquery = $cmdquery.$arg6." "; } + if(!empty($arg7)){ + $cmdquery = $cmdquery.$arg7." "; } + if(!empty($arg8)){ + $cmdquery = $cmdquery.$arg8." 
"; } + if(!empty($arg9)){ + $cmdquery = $cmdquery.$arg9; } + + // Check command + if ($cmd == "'v-make-tmp-file'") { + // Used in DNS Cluster + $fp = fopen($_POST['arg2'], 'w'); + fwrite($fp, $_POST['arg1']."\n"); + fclose($fp); + $return_var = 0; + } else { + // Run normal cmd query + exec ($cmdquery, $output, $return_var); + } + + if ((!empty($_POST['returncode'])) && ($_POST['returncode'] == 'yes')) { + echo $return_var; + } else { + if (($return_var == 0) && (empty($output))) { + echo "OK"; + } else { + echo implode("\n",$output)."\n"; + } + } +} diff --git a/web/api/v1/languages.php b/web/api/v1/languages.php new file mode 100644 index 000000000..8332fc217 --- /dev/null +++ b/web/api/v1/languages.php @@ -0,0 +1,15 @@ + $data); + +echo json_encode($result); diff --git a/web/api/v1/list/backup/index.php b/web/api/v1/list/backup/index.php new file mode 100644 index 000000000..54e515202 --- /dev/null +++ b/web/api/v1/list/backup/index.php 
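Review bot: The `v-make-tmp-file` branch opens `$_POST['arg2']` for writing exactly as supplied, so any caller that passes the authentication check can create or overwrite any file the web process can write, with content taken from `arg1`. Confining the target to the temporary directory, for example `$fp = fopen('/tmp/' . basename($_POST['arg2']), 'w');`, and returning an error when `fopen()` yields false should keep the DNS-cluster use working without exposing the rest of the filesystem. In the same hunk `$cmd` is quoted but never checked against the expected `v-*` script names before it is appended to `VESTA_CMD`, and it is undefined when `cmd` is missing from the request. `$v_ip` reaches `exec()` without `escapeshellarg()` on the `v-check-api-key` line; its assignment is in the part of the file the page does not show, so confirm it is escaped there.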
@@ -0,0 +1,77 @@ + $value) { + ++$i; + $web = __('no'); + $dns = __('no'); + $mail = __('no'); + $db = __('no'); + $cron = __('no'); + $udir = __('no'); + + if (!empty($data[$key]['WEB'])) $web = __('yes'); + if (!empty($data[$key]['DNS'])) $dns = __('yes'); + if (!empty($data[$key]['MAIL'])) $mail = __('yes'); + if (!empty($data[$key]['DB'])) $db = __('yes'); + if (!empty($data[$key]['CRON'])) $cron = __('yes'); + if (!empty($data[$key]['UDIR'])) $udir = __('yes'); + + $data[$key]['delete_conf'] = __('DELETE_BACKUP_CONFIRMATION', $key); + + if (empty($_GET['backup'])){ + if ( $i == 1) { + $total_amount = __('1 archive'); + } else { + $total_amount = __('%s archives',$i); + } + } else { + $webAr = explode(',',$data[$backup]['WEB']); + $dnsAr = explode(',',$data[$backup]['DNS']); + $mailAr = explode(',',$data[$backup]['MAIL']); + $dbAr = explode(',',$data[$backup]['DB']); + $cronAr = explode(',',$data[$backup]['CRON']); + $udirAr = explode(',',$data[$backup]['UDIR']); + + $totalLength = count($webAr) + count($dnsAr) + count($mailAr) + count($dbAr) + count($cronAr) + count($udirAr); + + $total_amount = __('%s items', $totalLength); + } +} + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->totalAmount = $total_amount; +$object->backup_fav = $_SESSION['favourites']['BACKUP']; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/cron/index.php b/web/api/v1/list/cron/index.php new file mode 100644 index 000000000..8502aaff4 --- /dev/null +++ b/web/api/v1/list/cron/index.php 
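Review bot: `$totalLength` over-counts whenever a backup section is empty, because `explode(',', '')` returns a one-element array and each of the six `count()` calls then contributes 1. The loop already treats these fields as possibly empty (`!empty($data[$key]['WEB'])`), so the same test should guard the split, e.g. `$webAr = empty($data[$backup]['WEB']) ? [] : explode(',', $data[$backup]['WEB']);` for each of the six fields. The block depends only on `$backup`, not on `$key`, so it can move out of the `foreach` instead of being recomputed for every row. `$backup` is assigned in the part of the file the page does not show.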
@@ -0,0 +1,59 @@ + $value) { + ++$i; + + if ($data[$key]['SUSPENDED'] == 'yes') { + $data[$key]['status'] = 'suspended'; + $data[$key]['suspend_action'] = 'unsuspend' ; + $data[$key]['suspend_conf'] = __('UNSUSPEND_CRON_CONFIRMATION', $key); + } else { + $data[$key]['status'] = 'active'; + $data[$key]['suspend_action'] = 'suspend'; + $data[$key]['suspend_conf'] = __('SUSPEND_CRON_CONFIRMATION', $key); + } + + $data[$key]['delete_conf'] = __('DELETE_CRON_CONFIRMATION', $key); + + if ( $i == 1) { + $total_amount = __('1 cron job'); + } else { + $total_amount = __('%s cron jobs', $i); + } +} + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->totalAmount = $total_amount; +$object->cron_reports = $panel[$user]['CRON_REPORTS']; +$object->cron_fav = $_SESSION['favourites']['CRON']; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/db/index.php b/web/api/v1/list/db/index.php new file mode 100644 index 000000000..f9e327a2c --- /dev/null +++ b/web/api/v1/list/db/index.php 
@@ -0,0 +1,79 @@ + $value) { + ++$i; + + if ( $i == 1) { + $total_amount = __('1 database'); + } else { + $total_amount = __('%s databases',$i); + } + + if ($data[$key]['SUSPENDED'] == 'yes') { + $data[$key]['status'] = 'suspended'; + $data[$key]['suspend_action'] = 'unsuspend' ; + $data[$key]['suspend_conf'] = __('UNSUSPEND_DATABASE_CONFIRMATION', $key); + } else { + $data[$key]['status'] = 'active'; + $data[$key]['suspend_action'] = 'suspend'; + $data[$key]['suspend_conf'] = __('SUSPEND_DATABASE_CONFIRMATION', $key); + } + + if ($data[$key]['TYPE'] == 'mysql'){ + $mysql = 1; + + $db_myadmin_link = "http://".$http_host."/phpmyadmin/"; + if (!empty($_SESSION['DB_PMA_URL'])) + $db_myadmin_link = $_SESSION['DB_PMA_URL']; + } + if ($data[$key]['TYPE'] == 'pgsql'){ + $pgsql = 1; + $db_pgadmin_link = "http://".$http_host."/phppgadmin/"; + if (!empty($_SESSION['DB_PGA_URL'])) + $db_pgadmin_link = $_SESSION['DB_PGA_URL']; + } + + if ($data[$key]['HOST'] != 'localhost' ) $http_host = $data[$key]['HOST']; + if ($data[$key]['TYPE'] == 'mysql') $db_admin = "phpMyAdmin"; + if ($data[$key]['TYPE'] == 'mysql') $db_admin_link = "http://".$http_host."/phpmyadmin/"; + if (($data[$key]['TYPE'] == 'mysql') && (!empty($_SESSION['DB_PMA_URL']))) $db_admin_link = $_SESSION['DB_PMA_URL']; + if ($data[$key]['TYPE'] == 'pgsql') $db_admin = "phpPgAdmin"; + if ($data[$key]['TYPE'] == 'pgsql') $db_admin_link = "http://".$http_host."/phppgadmin/"; + if (($data[$key]['TYPE'] == 'pgsql') && (!empty($_SESSION['DB_PGA_URL']))) $db_admin_link = $_SESSION['DB_PGA_URL']; + + $data[$key]['delete_conf'] = __('DELETE_DATABASE_CONFIRMATION', $key); +} + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->db_admin = $db_admin; +$object->db_admin_link = $db_admin_link; +$object->totalAmount = $total_amount; +$object->databases = $databases; +$object->dbFav = $_SESSION['favourites']['DB']; + +print json_encode($object); \ No newline at end of file 
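Review bot: `$http_host` is replaced by the row's `HOST` only after `$db_myadmin_link` and `$db_pgadmin_link` have been built, and it is never reset, so a remote row gets links to the previous host and every later `localhost` row inherits the remote one. Compute a per-row host first, e.g. `$row_host = ($data[$key]['HOST'] != 'localhost') ? $data[$key]['HOST'] : $http_host;`, and build the links from that. The links are also hard-coded to `http://`, which sends phpMyAdmin/phpPgAdmin logins in clear text unless `DB_PMA_URL`/`DB_PGA_URL` override them; following the panel's own scheme would be safer. `$db_admin` and `$db_admin_link` are single variables overwritten on each row, so the response carries only the last database's values.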
diff --git a/web/api/v1/list/directory/index.php b/web/api/v1/list/directory/index.php new file mode 100644 index 000000000..12919b140 --- /dev/null +++ b/web/api/v1/list/directory/index.php @@ -0,0 +1,35 @@ + 0 ) { + header("Location: /error/"); + exit; + } + $panel = json_decode(implode('', $output), true); +} + +$path_a = !empty($_REQUEST['dir_a']) ? htmlentities($_REQUEST['dir_a']) : ''; +$path_b = !empty($_REQUEST['dir_b']) ? htmlentities($_REQUEST['dir_b']) : ''; +$GLOBAL_JS = ''; +$GLOBAL_JS .= ''; +$GLOBAL_JS .= ''; + + +// Footer +include($_SERVER['DOCUMENT_ROOT'].'/templates/file_manager/main.php'); \ No newline at end of file diff --git a/web/api/v1/list/directory/preview/index.php b/web/api/v1/list/directory/preview/index.php new file mode 100644 index 000000000..737e19db3 --- /dev/null +++ b/web/api/v1/list/directory/preview/index.php @@ -0,0 +1,35 @@ + 0 ) { + header("Location: /error/"); + exit; + } + $panel = json_decode(implode('', $output), true); +} + +$path_a = !empty($_REQUEST['dir_a']) ? $_REQUEST['dir_a'] : ''; +$path_b = !empty($_REQUEST['dir_b']) ? $_REQUEST['dir_b'] : ''; +$GLOBAL_JS = ''; +$GLOBAL_JS .= ''; +$GLOBAL_JS .= ''; + + +// Footer +include($_SERVER['DOCUMENT_ROOT'].'/templates/file_manager/main.php'); \ No newline at end of file diff --git a/web/api/v1/list/dns/index.php b/web/api/v1/list/dns/index.php new file mode 100644 index 000000000..766258aab --- /dev/null +++ b/web/api/v1/list/dns/index.php 
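Review bot: In `list/directory/preview/index.php`, `$path_a` and `$path_b` are taken from `$_REQUEST['dir_a']` and `$_REQUEST['dir_b']` unencoded, whereas the otherwise identical `list/directory/index.php` in the previous hunk wraps them in `htmlentities()`. Both files then include `templates/file_manager/main.php`; if that template or the `$GLOBAL_JS` strings (their content is not shown on the page) echo these values, the preview endpoint reflects request data into the page. Apply the same encoding here, `$path_a = !empty($_REQUEST['dir_a']) ? htmlentities($_REQUEST['dir_a']) : '';`, and likewise for `$path_b`. If the values end up inside a script block, `json_encode()` is the better encoder for that context.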
@@ -0,0 +1,72 @@ + $value) { + ++$i; + + if ( $i == 1) { + $total_amount = __('1 domain'); + } else { + $total_amount = __('%s domains', $i); + } + + if (!empty($_GET['domain'])){ + if ( $i == 1) { + $total_amount = __('1 record'); + } else { + $total_amount = __('%s records',$i); + } + + $data[$key]['delete_conf'] = __('DELETE_RECORD_CONFIRMATION', $data[$key]['RECORD']); + } else { + $data[$key]['delete_conf'] = __('DELETE_DOMAIN_CONFIRMATION', $key); + } + + if ($data[$key]['SUSPENDED'] == 'yes') { + $data[$key]['status'] = 'suspended'; + $data[$key]['suspend_action'] = 'unsuspend' ; + $data[$key]['suspend_conf'] = !empty($_GET['domain']) ? __('UNSUSPEND_RECORD_CONFIRMATION', $data[$key]['RECORD']) : __('UNSUSPEND_DOMAIN_CONFIRMATION', $key); + } else { + $data[$key]['status'] = 'active'; + $data[$key]['suspend_action'] = 'suspend'; + $data[$key]['suspend_conf'] = !empty($_GET['domain']) ? __('SUSPEND_RECORD_CONFIRMATION', $data[$key]['RECORD']) : __('SUSPEND_DOMAIN_CONFIRMATION', $key); + } + + $data[$key]['RECORDS_I18N'] = __('list records', $data[$key]['RECORDS']); +} + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->totalAmount = $total_amount; +$object->dnsFav = $_SESSION['favourites']['DNS']; +$object->dnsRecordsFav = $_SESSION['favourites']['DNS_REC']; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/favorites/index.php b/web/api/v1/list/favorites/index.php new file mode 100644 index 000000000..0ddc4c0b0 --- /dev/null +++ b/web/api/v1/list/favorites/index.php @@ -0,0 +1,24 @@ + Favorites:
'; + + // Data + exec (VESTA_CMD."v-list-user-favourites ".$_SESSION['user']." json", $output, $return_var); + + +// print_r(implode('', $output)); +// $json = '{ "Favourites": { "USER": "", "WEB": "bulletfarm.com", "DNS": "", "MAIL": "", "DB": "", "CRON": "", "BACKUP": "", "IP": "", "PACKAGE": "", "FIREWALL": ""}}'; +// $data = json_decode($json, true); + + + $data = json_decode(implode('', $output).'}', true); + $data = array_reverse($data,true); + + print_r($data); +// $data = array_reverse($data,true); + +// $data = json_decode(implode('', $output), true); + +?> \ No newline at end of file diff --git a/web/api/v1/list/firewall/banlist/index.php b/web/api/v1/list/firewall/banlist/index.php new file mode 100644 index 000000000..54136bb21 --- /dev/null +++ b/web/api/v1/list/firewall/banlist/index.php @@ -0,0 +1,56 @@ + $value) { + ++$i; + + if ($data[$key]['SUSPENDED'] == 'yes') { + $data[$key]['status'] = 'suspended'; + $data[$key]['suspend_action'] = 'unsuspend' ; + $data[$key]['suspend_conf'] = 'UNSUSPEND_RULE_CONFIRMATION' ; + } else { + $data[$key]['status'] = 'active'; + $data[$key]['suspend_action'] = 'suspend' ; + $data[$key]['suspend_conf'] = 'SUSPEND_RULE_CONFIRMATION' ; + } + + $data[$key]['delete_url'] = '/delete/firewall/banlist/?ip='.$data[$key]['ip'].'&chain='.$data[$key]['CHAIN'].'&token='.$_SESSION['token']; + $data[$key]['delete_confirmation'] = __('DELETE_IP_CONFIRMATION',$key); + + if ( $i == 1) { + $total_amount = __('1 rule'); + } else { + $total_amount = __('%s rules',$i); + } +} + +if ($i == 0) { + $total_amount = __('There are no currently banned IP'); +} + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$result = array( + 'data' => $data, + 'total_amount' => $total_amount +); + +echo json_encode($result); diff --git a/web/api/v1/list/firewall/index.php b/web/api/v1/list/firewall/index.php new file mode 100644 index 000000000..35d6ecbdf --- /dev/null +++ b/web/api/v1/list/firewall/index.php 
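Review bot: `list/favorites/index.php` reads like a debugging aid rather than an API endpoint: it prints what appears to be a literal `Favorites:` heading and `print_r($data)` instead of JSON, and it appends `'}'` to the command output before `json_decode()`, which papers over whatever is wrong with the output of `v-list-user-favourites`. When decoding fails `$data` is null and `array_reverse()` is called on a non-array. `$_SESSION['user']` is concatenated into the `exec()` string unquoted; use `escapeshellarg($_SESSION['user'])`. Either drop the file from the commit or check `$return_var` and the decode result and return `json_encode($data)`.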
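Review bot: In `list/firewall/banlist/index.php`, `delete_url` places `$_SESSION['token']` in the query string of a state-changing link, where it ends up in access logs, browser history and Referer headers; sending the token in a POST body or request header keeps it out of those places. `ip` and `CHAIN` are concatenated without `rawurlencode()`, and the lower-case `$data[$key]['ip']` differs from the upper-case keys used for every other field, so confirm the key name against the backend output. `suspend_conf` is assigned the untranslated message id here, while `list/firewall/index.php` passes the same id through `__()`.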
@@ -0,0 +1,58 @@ + $value) { + ++$i; + + if ($data[$key]['SUSPENDED'] == 'yes') { + $data[$key]['status'] = 'suspended'; + $data[$key]['suspend_action'] = 'unsuspend' ; + $data[$key]['suspend_conf'] = __('UNSUSPEND_RULE_CONFIRMATION', $key); + } else { + $data[$key]['status'] = 'active'; + $data[$key]['suspend_action'] = 'suspend'; + $data[$key]['suspend_conf'] = __('SUSPEND_RULE_CONFIRMATION', $key); + } + + $data[$key]['delete_conf'] = __('DELETE_RULE_CONFIRMATION', $key); + + if ( $i == 1) { + $total_amount = __('1 rule'); + } else { + $total_amount = __('%s rules', $i); + } +} + +// Render page +// render_page($user, $TAB, 'list_firewall'); + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->totalAmount = $total_amount; +$object->firewallExtension = !empty($_SESSION['FIREWALL_EXTENSION']); +$object->firewallFav = $_SESSION['favourites']['FIREWALL']; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/index.php b/web/api/v1/list/index.php new file mode 100644 index 000000000..b0d34a3f8 --- /dev/null +++ b/web/api/v1/list/index.php @@ -0,0 +1,8 @@ + diff --git a/web/api/v1/list/ip/index.php b/web/api/v1/list/ip/index.php new file mode 100644 index 000000000..899e57e5b --- /dev/null +++ b/web/api/v1/list/ip/index.php @@ -0,0 +1,47 @@ + $value) { + ++$i; + if ( $i == 1) { + $total_amount = __('1 IP address'); + } else { + $total_amount = __('%s IP addresses',$i); + } + + $data[$key]['delete_conf'] = __('DELETE_IP_CONFIRMATION', $key); +} + +// Render page +// render_page($user, $TAB, 'list_ip'); + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->totalAmount = $total_amount; +$object->ipFav = $_SESSION['favourites']['IP']; + +print json_encode($object); \ No newline at end of file 
diff --git a/web/api/v1/list/log/index.php b/web/api/v1/list/log/index.php new file mode 100644 index 000000000..4eb96b0fd --- /dev/null +++ b/web/api/v1/list/log/index.php @@ -0,0 +1,36 @@ + $value) { + ++$i; + + if ( $i == 1) { + $total_amount = __('one log record'); + } else { + $total_amount = __('%s log records',$i); + } +} + +// Render page +// render_page($user, $TAB, 'list_log'); + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->totalAmount = $total_amount; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/mail/index.php b/web/api/v1/list/mail/index.php new file mode 100644 index 000000000..8d6c59126 --- /dev/null +++ b/web/api/v1/list/mail/index.php 
@@ -0,0 +1,78 @@ + $value) { + ++$i; + + list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":"); + $webmail = "/webmail/"; + if (!empty($_SESSION['MAIL_URL'])) $webmail = $_SESSION['MAIL_URL']; + + if ($data[$key]['SUSPENDED'] == 'yes') { + $data[$key]['status'] = 'suspended'; + $data[$key]['suspend_action'] = 'unsuspend' ; + $data[$key]['suspend_conf'] = __('UNSUSPEND_DOMAIN_CONFIRMATION', $key); + } else { + $data[$key]['status'] = 'active'; + $data[$key]['suspend_action'] = 'suspend'; + $data[$key]['suspend_conf'] = __('SUSPEND_DOMAIN_CONFIRMATION', $key); + } + + if (empty($data[$key]['CATCHALL'])) { + $data[$key]['CATCHALL'] = '/dev/null'; + } + + if (empty($_GET['domain'])){ + $total_amount = $i === 1 ? __('1 domain') : __('%s domains', $i); + } else { + $total_amount = $i === 1 ? __('1 mail account') : __('%s mail account', $i); + } + + $data[$key]['list_accounts_button'] = __('list accounts', $data[$key]['ACCOUNTS']); + $data[$key]['delete_conf'] = __('DELETE_DOMAIN_CONFIRMATION', $key); +} + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->webmail = $webmail; +$object->hostname = $hostname; +$object->totalAmount = $total_amount; +$object->mailFav = $favorites; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/notifications/index.php b/web/api/v1/list/notifications/index.php new file mode 100644 index 000000000..1190c5ce6 --- /dev/null +++ b/web/api/v1/list/notifications/index.php @@ -0,0 +1,25 @@ + $note){ + $note['ID'] = $key; + $notifications[$key] = $note; +} + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$result = array( + 'result' => empty($notifications) ? [] : $notifications +); + +echo json_encode($result); diff --git a/web/api/v1/list/package/index.php b/web/api/v1/list/package/index.php new file mode 100644 index 000000000..2fe581232 --- /dev/null 
+++ b/web/api/v1/list/package/index.php @@ -0,0 +1,45 @@ + $value) { + ++$i; + if ( $i == 1) { + $total_amount = __('1 package'); + } else { + $total_amount = __('%s packages',$i); + } + + $data[$key]['delete_conf'] = __('DELETE_PACKAGE_CONFIRMATION', $key); +} + +// Render page +// render_page($user, $TAB, 'list_packages'); + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->totalAmount = $total_amount; +$object->packagesFav = $_SESSION['favourites']['PACKAGE']; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/rrd/image.php b/web/api/v1/list/rrd/image.php new file mode 100644 index 000000000..600b11134 --- /dev/null +++ b/web/api/v1/list/rrd/image.php @@ -0,0 +1,13 @@ + diff --git a/web/api/v1/list/rrd/index.php b/web/api/v1/list/rrd/index.php new file mode 100644 index 000000000..2ba6b4dc5 --- /dev/null +++ b/web/api/v1/list/rrd/index.php @@ -0,0 +1,32 @@ +data = $data; +$object->user = $user; +$object->panel = $panel; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/server/index.php b/web/api/v1/list/server/index.php new file mode 100644 index 000000000..47363fcae --- /dev/null +++ b/web/api/v1/list/server/index.php 
@@ -0,0 +1,113 @@ + $value) { + if ($data[$key]['STATE'] == 'running') { + $data[$key]['action_url'] = '/stop/service/?srv='.$key; + } else { + $data[$key]['action_url'] = '/start/service/?srv='.$key; + } + + $data[$key]['SYSTEM'] = __($data[$key]['SYSTEM']); + $data[$key]['RTIME'] = humanize_time($data[$key]['RTIME']); + + $cpu = $data[$key]['CPU'] / 10; + $data[$key]['CPU'] = number_format($cpu, 1); + if ($cpu == '0.0') $data[$key]['CPU'] = 0; +} + +foreach ($sys as $key => $value) { + $sys[$key]['UPTIME'] = humanize_time($sys[$key]['UPTIME']); +} + +// Render page +// render_page($user, $TAB, 'list_services'); + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->sys = $sys; +$object->service_log = $service_log; +$object->panel = $panel; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/stats/index.php b/web/api/v1/list/stats/index.php new file mode 100644 index 000000000..9053d9227 --- /dev/null +++ b/web/api/v1/list/stats/index.php @@ -0,0 +1,58 @@ + $value) { + ++$i; + + if ( $i == 1) { + $total_amount = __('1 month'); + } else { + $total_amount = __('%s months',$i); + } +} + +// Render page +// render_page($user, $TAB, 'list_stats'); + +// Back uri +$_SESSION['back'] = $_SERVER['REQUEST_URI']; + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->users = $users; +$object->totalAmount = $total_amount; + +print json_encode($object); \ No newline at end of file diff --git a/web/api/v1/list/updates/index.php b/web/api/v1/list/updates/index.php new file mode 100644 index 000000000..7a4c7bdc3 --- /dev/null +++ b/web/api/v1/list/updates/index.php @@ -0,0 +1,36 @@ +data = $data; +$object->user = $user; +$object->autoUpdate = $autoupdate; +$object->panel = $panel; + +print json_encode($object); \ No newline at end of file 
diff --git a/web/api/v1/list/user/index.php b/web/api/v1/list/user/index.php new file mode 100644 index 000000000..eb202cd80 --- /dev/null +++ b/web/api/v1/list/user/index.php @@ -0,0 +1,56 @@ + $value) { + ++$i; + if ( $i == 1) { + $total_amount = __('1 account'); + } else { + $total_amount = __('%s accounts', $i); + } + + if ($data[$key]['SUSPENDED'] == 'yes') { + $spnd_action = 'unsuspend' ; + $spnd_confirmation = 'UNSUSPEND_USER_CONFIRMATION'; + $data[$key]['spnd_action'] = __($spnd_action); + $data[$key]['spnd_conf'] = __($spnd_confirmation, $key); + } else { + $spnd_action = 'suspend' ; + $spnd_confirmation = 'SUSPEND_USER_CONFIRMATION'; + $data[$key]['spnd_action'] = __($spnd_action); + $data[$key]['spnd_conf'] = __($spnd_confirmation, $key); + } + + $data[$key]['isChecked'] = false; + $data[$key]['delete_conf'] = __('DELETE_USER_CONFIRMATION', $key); +} + +$result = array( + 'data' => $data, + 'user' => $user, + 'panel' => $panel, + 'token' => $_SESSION['token'], + 'totalAmount' => $total_amount, + 'userFav' => $_SESSION['favourites']['USER'], +); + +echo json_encode($result); diff --git a/web/api/v1/list/web-log/index.php b/web/api/v1/list/web-log/index.php new file mode 100644 index 000000000..4f6823636 --- /dev/null +++ b/web/api/v1/list/web-log/index.php @@ -0,0 +1,29 @@ + $data + ) +); + +// if ($return_var == 0 ) { +// foreach($output as $file) { +// echo htmlentities($file) . "\n"; +// } +// } +// echo " \n\n\n"; diff --git a/web/api/v1/list/web/index.php b/web/api/v1/list/web/index.php new file mode 100644 index 000000000..834b79fed --- /dev/null +++ b/web/api/v1/list/web/index.php 
@@ -0,0 +1,110 @@ + $value) { + ++$i; + + if ($data[$key]['SUSPENDED'] == 'yes') { + $data[$key]['status'] = 'suspended'; + $data[$key]['spnd_action'] = 'unsuspend' ; + $data[$key]['spnd_confirmation'] = __('UNSUSPEND_DOMAIN_CONFIRMATION', $key); + } else { + $data[$key]['status'] = 'active'; + $data[$key]['spnd_action'] = 'suspend' ; + $data[$key]['spnd_confirmation'] = __('SUSPEND_DOMAIN_CONFIRMATION', $key); + } + + if (!empty($data[$key]['SSL_HOME'])) { + if ($data[$key]['SSL_HOME'] == 'same') { + $data[$key]['SSL_HOME'] = 'public_html'; + } else { + $data[$key]['SSL_HOME'] = 'public_shtml'; + } + } else { + $data[$key]['SSL_HOME'] = ''; + } + + $ftp_user='no'; + if (!empty($data[$key]['FTP_USER'])) { + $ftp_user=$data[$key]['FTP_USER']; + } + + if (strlen($ftp_user) > 24 ) { + $data[$key]['FTP_USER'] = str_replace(':', ', ', $ftp_user); + $data[$key]['FTP_USER'] = substr($ftp_user, 0, 24); + $data[$key]['FTP_USER'] = trim($ftp_user, ":"); + $data[$key]['FTP_USER'] = str_replace(':', ', ', $ftp_user); + $data[$key]['FTP_USER'] = $ftp_user.", ..."; + } else { + $data[$key]['FTP_USER'] = str_replace(':', ', ', $ftp_user); + } + + if (strlen($data[$key]['PROXY_EXT']) > 24 ) { + $data[$key]['PROXY_EXT'] = str_replace(',', ', ', $data[$key]['PROXY_EXT']); + $data[$key]['PROXY_EXT'] = substr($data[$key]['PROXY_EXT'], 0, 24); + $data[$key]['PROXY_EXT'] = trim($proxy_ext, ","); + $data[$key]['PROXY_EXT'] = str_replace(',', ', ', $proxy_ext); + $data[$key]['PROXY_EXT'] = $proxy_ext.", ..."; + } else { + $data[$key]['PROXY_EXT'] = ''; + $data[$key]['PROXY_EXT'] = str_replace(',', ', ', $data[$key]['PROXY_EXT']); + } + + $data[$key]['WEB_STATS'] = 'no'; + if (!empty($data[$key]['STATS'])) { + $data[$key]['WEB_STATS'] = $data[$key]['STATS']; + } + + $data[$key]['FTP'] = 'no'; + if (!empty($data[$key]['FTP_USER'])) { + $data[$key]['FTP'] = $data[$key]['FTP_USER']; + } + + $data[$key]['BACKEND_SUPPORT'] = 'no'; + if (!empty($data[$key]['BACKEND'])) { + 
$data[$key]['BACKEND_SUPPORT'] = 'yes'; + } + + $data[$key]['PROXY_SUPPORT'] = 'no'; + if (!empty($data[$key]['PROXY'])) { + $data[$key]['PROXY_SUPPORT'] = 'yes'; + } + + $data[$key]['delete_confirmation'] = __('DELETE_DOMAIN_CONFIRMATION', $key); + + if ( $i == 1) { + $total_amount = __('1 domain'); + } else { + $total_amount = __('%s domains',$i); + } +} + +$object = (object)[]; +$object->data = $data; +$object->user = $user; +$object->panel = $panel; +$object->totalAmount = $total_amount; +$object->webFav = $_SESSION['favourites']['WEB']; + +print json_encode($object); +?> + diff --git a/web/api/v1/login/index.php b/web/api/v1/login/index.php new file mode 100644 index 000000000..2524cfff7 --- /dev/null +++ b/web/api/v1/login/index.php 
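Review bot: In the `FTP_USER` branch each of the five assignments starts again from `$ftp_user`, so the `substr()` and `trim()` results are discarded and the field ends up as the full colon-separated string followed by `, ...`. The `PROXY_EXT` branch reads `$proxy_ext`, which is not assigned anywhere in the visible loop, and its `else` arm blanks the field before reformatting it, so values of 24 characters or fewer are always returned empty. The rewrite below carries the truncated value through a local variable in both branches; it reflects what the code presumably intends, so check the expected display format. The top of the file is not shown on the page.
```php
// … unchanged: suspend status and SSL_HOME handling …
$ftp_user = 'no';
if (!empty($data[$key]['FTP_USER'])) {
    $ftp_user = $data[$key]['FTP_USER'];
}

if (strlen($ftp_user) > 24) {
    // Truncate first, then format, so the shortened value is what gets stored.
    $ftp_user = trim(substr($ftp_user, 0, 24), ':');
    $data[$key]['FTP_USER'] = str_replace(':', ', ', $ftp_user) . ', ...';
} else {
    $data[$key]['FTP_USER'] = str_replace(':', ', ', $ftp_user);
}

$proxy_ext = $data[$key]['PROXY_EXT'];
if (strlen($proxy_ext) > 24) {
    $proxy_ext = trim(substr($proxy_ext, 0, 24), ',');
    $data[$key]['PROXY_EXT'] = str_replace(',', ', ', $proxy_ext) . ', ...';
} else {
    $data[$key]['PROXY_EXT'] = str_replace(',', ', ', $proxy_ext);
}
// … unchanged: WEB_STATS, FTP, BACKEND_SUPPORT and PROXY_SUPPORT flags …
```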
@@ -0,0 +1,170 @@ + 0 ) { + $error = __('Invalid username or password'); + } else { + $user = $_POST['user']; + $password = $_POST['password']; + $salt = $pam[$user]['SALT']; + $method = $pam[$user]['METHOD']; + + if ($method == 'md5' ) { + $hash = crypt($password, '$1$'.$salt.'$'); + } + if ($method == 'sha-512' ) { + $hash = crypt($password, '$6$rounds=5000$'.$salt.'$'); + $hash = str_replace('$rounds=5000','',$hash); + } + if ($method == 'des' ) { + $hash = crypt($password, $salt); + } + + // Send hash via tmp file + $v_hash = exec('mktemp -p /tmp'); + $fp = fopen($v_hash, "w"); + fwrite($fp, $hash."\n"); + fclose($fp); + + // Check user hash + exec(VESTA_CMD ."v-check-user-hash ".$v_user." ".$v_hash." ".$v_ip, $output, $return_var); + unset($output); + + // Remove tmp file + unlink($v_hash); + + // Check API answer + if ( $return_var > 0 ) { + $error = __('Invalid username or password'); + } else { + + // Make root admin user + // if ($_POST['user'] == 'root') $v_user = 'admin'; + + // Get user speciefic parameters + exec (VESTA_CMD . "v-list-user ".$v_user." json", $output, $return_var); + $users = json_decode(implode('', $output), true); + + // Define session user + $_SESSION['user'] = key($users); + $v_user = $_SESSION['user']; + $_SESSION['root_dir'] = $users[$v_user]['HOME']; + + // Get user favorites + get_favourites(); + + // Define language + $output = ''; + exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); + $languages = json_decode(implode('', $output), true); + if (in_array($users[$v_user]['LANGUAGE'], $languages)){ + $_SESSION['language'] = $users[$v_user]['LANGUAGE']; + } else { + $_SESSION['language'] = 'en'; + } + + // Regenerate session id to prevent session fixation + session_regenerate_id(true); + } + } + } + } else { + $error = __('Invalid or missing token'); + } +} + +// Check system configuration +exec (VESTA_CMD . 
"v-list-sys-config json", $output, $return_var); +$data = json_decode(implode('', $output), true); +$sys_arr = $data['config']; +foreach ($sys_arr as $key => $value) { + $_SESSION[$key] = $value; +} + +// Detect language +if (empty($_SESSION['language'])) { + $output = ''; + exec (VESTA_CMD."v-list-sys-config json", $output, $return_var); + $config = json_decode(implode('', $output), true); + $lang = $config['config']['LANGUAGE']; + + $output = ''; + exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); + $languages = json_decode(implode('', $output), true); + if(in_array($lang, $languages)){ + $_SESSION['language'] = $lang; + } + else { + $_SESSION['language'] = 'en'; + } +} + +// Generate CSRF token +$token = bin2hex(file_get_contents('/dev/urandom', false, null, 0, 16)); +$_SESSION['token'] = $token; + +require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$_SESSION['language'].'.php'); + +$v_user = empty($_SESSION['look']) ? $_SESSION['user'] : $_SESSION['look']; +top_panel($v_user, $TAB); + +$result = array( + 'token' => $_SESSION['token'], + 'panel' => $panel, + 'data' => $users[$v_user], + 'user' => $v_user, + 'session' => $_SESSION, + 'i18n' => $LANG[$_SESSION['language']], + 'error' => $error, +); + +echo json_encode($result); \ No newline at end of file diff --git a/web/api/v1/login/session.php b/web/api/v1/login/session.php new file mode 100644 index 000000000..84bf53812 --- /dev/null +++ b/web/api/v1/login/session.php @@ -0,0 +1,27 @@ + $panel, + 'data' => $panel[$v_user], + 'user' => $v_user, + 'token' => $_SESSION['token'], + 'i18n' => $LANG[$_SESSION['language']], + 'session' => $_SESSION, + 'error' => $_SESSION['error_msg'] +); + +echo json_encode($result); diff --git a/web/api/v1/logout/index.php b/web/api/v1/logout/index.php new file mode 100644 index 000000000..8dee694d7 --- /dev/null +++ b/web/api/v1/logout/index.php 
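Review bot: The response in `login/index.php` includes `'session' => $_SESSION`, and the code that builds it sits after the login block, so it appears to run for every request, including failed or absent logins. By that point the `foreach ($sys_arr as $key => $value)` loop has copied every key of `v-list-sys-config` into the session, so server configuration and the CSRF token are returned to callers who have not authenticated. Return an explicit list of the fields the front end needs instead of the whole array, and fill `data` and `panel` only once `$_SESSION['user']` is set. The same `'session' => $_SESSION` entry is in `login/session.php`, `logout/index.php` and `reset/index.php` later in this diff. The start of this file is not shown on the page, so a guard placed there could not be checked.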
@@ -0,0 +1,34 @@
+ $response,
+ 'userName' => $v_user,
+ 'token' => $_SESSION['token'],
+ 'user' => $users[$v_user],
+ 'panel' => $panel,
+ 'session' => $_SESSION,
+ 'i18n' => $LANG[$_SESSION['language']],
+ 'error' => $_SESSION['error_msg']
+);
+
+echo json_encode($result);
+unset($_SESSION['error_msg']);
diff --git a/web/api/v1/reset/index.php b/web/api/v1/reset/index.php
new file mode 100644
index 000000000..ee4dcd8c8
--- /dev/null
+++ b/web/api/v1/reset/index.php
@@ -0,0 +1,93 @@
+ 0 ) {
+ $ERROR = "".__('An internal error occurred')."";
+ } else {
+ $_SESSION['user'] = $_POST['user'];
+ // header("Location: /");
+ // exit;
+ }
+ } else {
+ $ERROR = __('Invalid username or code');
+ }
+ } else {
+ $ERROR = __('Invalid username or code');
+ }
+ } else {
+ $ERROR = __('Passwords not match');
+ }
+}
+
+// Detect language
+if (empty($_SESSION['language'])) $_SESSION['language'] = detect_user_language();
+
+$v_user = empty($_SESSION['look']) ? $_SESSION['user'] : $_SESSION['look'];
+top_panel($v_user, $TAB);
+
+$result = array(
+ 'error' => $ERROR,
+ 'token' => empty($ERROR) ? $_SESSION['token'] : '',
+ 'panel' => $panel,
+ 'user' => $v_user,
+ 'session' => $_SESSION,
+);
+
+echo json_encode($result);
diff --git a/web/api/v1/restart/service/index.php b/web/api/v1/restart/service/index.php
new file mode 100644
index 000000000..de2e33b76
--- /dev/null
+++ b/web/api/v1/restart/service/index.php
@@ -0,0 +1,32 @@
+', $output);
+ if (empty($error)) $error = __('SERVICE_ACTION_FAILED',__('restart'),$v_service);
+ $_SESSION['error_msg'] = $error;
+ }
+ unset($output);
+}
+
+echo json_encode(array('error' => $_SESSION['error_msg']));
+unset($_SESSION['error_msg']);
diff --git a/web/api/v1/rrd/daily.rrd b/web/api/v1/rrd/daily.rrd
new file mode 100644
index 000000000..e69de29bb 
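Review bot: In web/api/v1/reset/index.php the success branch logs the caller in with `$_SESSION['user'] = $_POST['user'];` but the visible lines never rotate the session id, unlike the login hunk, which calls `session_regenerate_id(true)` after setting the session user. Add `session_regenerate_id(true);` directly after the assignment so that a session id issued before the reset does not carry the new login. The session user is also taken from the raw request value, whereas the login hunk takes it from `key($users)` of the `v-list-user` output; using the same source here would keep the two paths consistent. The enclosing condition chain opens in the part of the hunk that is missing from this page.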
diff --git a/web/api/v1/rrd/db/daily-mysql_localhost.png b/web/api/v1/rrd/db/daily-mysql_localhost.png new file mode 100644 index 000000000..8d9f94024 Binary files /dev/null and b/web/api/v1/rrd/db/daily-mysql_localhost.png differ diff --git a/web/api/v1/rrd/db/daily-pgsql_localhost.png b/web/api/v1/rrd/db/daily-pgsql_localhost.png new file mode 100644 index 000000000..3668da7c9 Binary files /dev/null and b/web/api/v1/rrd/db/daily-pgsql_localhost.png differ diff --git a/web/api/v1/rrd/db/monthly-mysql_localhost.png b/web/api/v1/rrd/db/monthly-mysql_localhost.png new file mode 100644 index 000000000..7fbe8e94d Binary files /dev/null and b/web/api/v1/rrd/db/monthly-mysql_localhost.png differ diff --git a/web/api/v1/rrd/db/monthly-pgsql_localhost.png b/web/api/v1/rrd/db/monthly-pgsql_localhost.png new file mode 100644 index 000000000..6af332884 Binary files /dev/null and b/web/api/v1/rrd/db/monthly-pgsql_localhost.png differ diff --git a/web/api/v1/rrd/db/mysql_localhost.rrd b/web/api/v1/rrd/db/mysql_localhost.rrd new file mode 100644 index 000000000..ec7554896 Binary files /dev/null and b/web/api/v1/rrd/db/mysql_localhost.rrd differ diff --git a/web/api/v1/rrd/db/pgsql_localhost.rrd b/web/api/v1/rrd/db/pgsql_localhost.rrd new file mode 100644 index 000000000..7aae6ef04 Binary files /dev/null and b/web/api/v1/rrd/db/pgsql_localhost.rrd differ diff --git a/web/api/v1/rrd/db/weekly-mysql_localhost.png b/web/api/v1/rrd/db/weekly-mysql_localhost.png new file mode 100644 index 000000000..706b5704c Binary files /dev/null and b/web/api/v1/rrd/db/weekly-mysql_localhost.png differ diff --git a/web/api/v1/rrd/db/weekly-pgsql_localhost.png b/web/api/v1/rrd/db/weekly-pgsql_localhost.png new file mode 100644 index 000000000..c976bd346 Binary files /dev/null and b/web/api/v1/rrd/db/weekly-pgsql_localhost.png differ 
diff --git a/web/api/v1/rrd/db/yearly-mysql_localhost.png b/web/api/v1/rrd/db/yearly-mysql_localhost.png new file mode 100644 index 000000000..7ce0c75a9 Binary files /dev/null and b/web/api/v1/rrd/db/yearly-mysql_localhost.png differ diff --git a/web/api/v1/rrd/db/yearly-pgsql_localhost.png b/web/api/v1/rrd/db/yearly-pgsql_localhost.png new file mode 100644 index 000000000..b9e64ed31 Binary files /dev/null and b/web/api/v1/rrd/db/yearly-pgsql_localhost.png differ diff --git a/web/api/v1/rrd/ftp/daily-ftp.png b/web/api/v1/rrd/ftp/daily-ftp.png new file mode 100644 index 000000000..a6fc1f2c9 Binary files /dev/null and b/web/api/v1/rrd/ftp/daily-ftp.png differ diff --git a/web/api/v1/rrd/ftp/ftp.rrd b/web/api/v1/rrd/ftp/ftp.rrd new file mode 100644 index 000000000..14f93fa29 Binary files /dev/null and b/web/api/v1/rrd/ftp/ftp.rrd differ diff --git a/web/api/v1/rrd/ftp/monthly-ftp.png b/web/api/v1/rrd/ftp/monthly-ftp.png new file mode 100644 index 000000000..1aa5595dc Binary files /dev/null and b/web/api/v1/rrd/ftp/monthly-ftp.png differ diff --git a/web/api/v1/rrd/ftp/weekly-ftp.png b/web/api/v1/rrd/ftp/weekly-ftp.png new file mode 100644 index 000000000..7c416aaaf Binary files /dev/null and b/web/api/v1/rrd/ftp/weekly-ftp.png differ diff --git a/web/api/v1/rrd/ftp/yearly-ftp.png b/web/api/v1/rrd/ftp/yearly-ftp.png new file mode 100644 index 000000000..d2f69ef49 Binary files /dev/null and b/web/api/v1/rrd/ftp/yearly-ftp.png differ diff --git a/web/api/v1/rrd/la/daily-la.png b/web/api/v1/rrd/la/daily-la.png new file mode 100644 index 000000000..5f2334acc Binary files /dev/null and b/web/api/v1/rrd/la/daily-la.png differ diff --git a/web/api/v1/rrd/la/la.rrd b/web/api/v1/rrd/la/la.rrd new file mode 100644 index 000000000..1d55ed675 Binary files /dev/null and b/web/api/v1/rrd/la/la.rrd differ 
diff --git a/web/api/v1/rrd/la/monthly-la.png b/web/api/v1/rrd/la/monthly-la.png new file mode 100644 index 000000000..359cb88ac Binary files /dev/null and b/web/api/v1/rrd/la/monthly-la.png differ diff --git a/web/api/v1/rrd/la/weekly-la.png b/web/api/v1/rrd/la/weekly-la.png new file mode 100644 index 000000000..be0037c47 Binary files /dev/null and b/web/api/v1/rrd/la/weekly-la.png differ diff --git a/web/api/v1/rrd/la/yearly-la.png b/web/api/v1/rrd/la/yearly-la.png new file mode 100644 index 000000000..abbf1fe85 Binary files /dev/null and b/web/api/v1/rrd/la/yearly-la.png differ diff --git a/web/api/v1/rrd/mail/daily-mail.png b/web/api/v1/rrd/mail/daily-mail.png new file mode 100644 index 000000000..8af2f3d5c Binary files /dev/null and b/web/api/v1/rrd/mail/daily-mail.png differ diff --git a/web/api/v1/rrd/mail/mail.rrd b/web/api/v1/rrd/mail/mail.rrd new file mode 100644 index 000000000..756ebc657 Binary files /dev/null and b/web/api/v1/rrd/mail/mail.rrd differ diff --git a/web/api/v1/rrd/mail/monthly-mail.png b/web/api/v1/rrd/mail/monthly-mail.png new file mode 100644 index 000000000..ba6ec35c8 Binary files /dev/null and b/web/api/v1/rrd/mail/monthly-mail.png differ diff --git a/web/api/v1/rrd/mail/weekly-mail.png b/web/api/v1/rrd/mail/weekly-mail.png new file mode 100644 index 000000000..4d295ffd1 Binary files /dev/null and b/web/api/v1/rrd/mail/weekly-mail.png differ diff --git a/web/api/v1/rrd/mail/yearly-mail.png b/web/api/v1/rrd/mail/yearly-mail.png new file mode 100644 index 000000000..538c2afc4 Binary files /dev/null and b/web/api/v1/rrd/mail/yearly-mail.png differ diff --git a/web/api/v1/rrd/mem/daily-mem.png b/web/api/v1/rrd/mem/daily-mem.png new file mode 100644 index 000000000..0a20253c3 Binary files /dev/null and b/web/api/v1/rrd/mem/daily-mem.png differ diff --git a/web/api/v1/rrd/mem/mem.rrd b/web/api/v1/rrd/mem/mem.rrd new file mode 100644 index 000000000..49f339c60 Binary files /dev/null and b/web/api/v1/rrd/mem/mem.rrd differ 
diff --git a/web/api/v1/rrd/mem/monthly-mem.png b/web/api/v1/rrd/mem/monthly-mem.png new file mode 100644 index 000000000..15a41e11e Binary files /dev/null and b/web/api/v1/rrd/mem/monthly-mem.png differ diff --git a/web/api/v1/rrd/mem/weekly-mem.png b/web/api/v1/rrd/mem/weekly-mem.png new file mode 100644 index 000000000..38e4d1158 Binary files /dev/null and b/web/api/v1/rrd/mem/weekly-mem.png differ diff --git a/web/api/v1/rrd/mem/yearly-mem.png b/web/api/v1/rrd/mem/yearly-mem.png new file mode 100644 index 000000000..67010a9a4 Binary files /dev/null and b/web/api/v1/rrd/mem/yearly-mem.png differ diff --git a/web/api/v1/rrd/monthly.rrd b/web/api/v1/rrd/monthly.rrd new file mode 100644 index 000000000..e69de29bb diff --git a/web/api/v1/rrd/net/daily-eth0.png b/web/api/v1/rrd/net/daily-eth0.png new file mode 100644 index 000000000..073ecdf9c Binary files /dev/null and b/web/api/v1/rrd/net/daily-eth0.png differ diff --git a/web/api/v1/rrd/net/daily-eth1.png b/web/api/v1/rrd/net/daily-eth1.png new file mode 100644 index 000000000..2dcfde654 Binary files /dev/null and b/web/api/v1/rrd/net/daily-eth1.png differ diff --git a/web/api/v1/rrd/net/daily-sit0.png b/web/api/v1/rrd/net/daily-sit0.png new file mode 100644 index 000000000..f7e7558ec Binary files /dev/null and b/web/api/v1/rrd/net/daily-sit0.png differ diff --git a/web/api/v1/rrd/net/eth0.rrd b/web/api/v1/rrd/net/eth0.rrd new file mode 100644 index 000000000..a448ca924 Binary files /dev/null and b/web/api/v1/rrd/net/eth0.rrd differ diff --git a/web/api/v1/rrd/net/eth1.rrd b/web/api/v1/rrd/net/eth1.rrd new file mode 100644 index 000000000..722a7b2f3 Binary files /dev/null and b/web/api/v1/rrd/net/eth1.rrd differ diff --git a/web/api/v1/rrd/net/monthly-eth0.png b/web/api/v1/rrd/net/monthly-eth0.png new file mode 100644 index 000000000..1d2bdedc8 Binary files /dev/null and b/web/api/v1/rrd/net/monthly-eth0.png differ 
diff --git a/web/api/v1/rrd/net/monthly-eth1.png b/web/api/v1/rrd/net/monthly-eth1.png new file mode 100644 index 000000000..be4be7dd6 Binary files /dev/null and b/web/api/v1/rrd/net/monthly-eth1.png differ diff --git a/web/api/v1/rrd/net/monthly-sit0.png b/web/api/v1/rrd/net/monthly-sit0.png new file mode 100644 index 000000000..dc0b9b691 Binary files /dev/null and b/web/api/v1/rrd/net/monthly-sit0.png differ diff --git a/web/api/v1/rrd/net/sit0.rrd b/web/api/v1/rrd/net/sit0.rrd new file mode 100644 index 000000000..48abe1339 Binary files /dev/null and b/web/api/v1/rrd/net/sit0.rrd differ diff --git a/web/api/v1/rrd/net/weekly-eth0.png b/web/api/v1/rrd/net/weekly-eth0.png new file mode 100644 index 000000000..9b37693c1 Binary files /dev/null and b/web/api/v1/rrd/net/weekly-eth0.png differ diff --git a/web/api/v1/rrd/net/weekly-eth1.png b/web/api/v1/rrd/net/weekly-eth1.png new file mode 100644 index 000000000..a73f2ddfd Binary files /dev/null and b/web/api/v1/rrd/net/weekly-eth1.png differ diff --git a/web/api/v1/rrd/net/weekly-sit0.png b/web/api/v1/rrd/net/weekly-sit0.png new file mode 100644 index 000000000..40c938f6a Binary files /dev/null and b/web/api/v1/rrd/net/weekly-sit0.png differ diff --git a/web/api/v1/rrd/net/yearly-eth0.png b/web/api/v1/rrd/net/yearly-eth0.png new file mode 100644 index 000000000..2818a48e6 Binary files /dev/null and b/web/api/v1/rrd/net/yearly-eth0.png differ diff --git a/web/api/v1/rrd/net/yearly-eth1.png b/web/api/v1/rrd/net/yearly-eth1.png new file mode 100644 index 000000000..57ae32deb Binary files /dev/null and b/web/api/v1/rrd/net/yearly-eth1.png differ diff --git a/web/api/v1/rrd/net/yearly-sit0.png b/web/api/v1/rrd/net/yearly-sit0.png new file mode 100644 index 000000000..00789cbb8 Binary files /dev/null and b/web/api/v1/rrd/net/yearly-sit0.png differ 
diff --git a/web/api/v1/rrd/ssh/daily-ssh.png b/web/api/v1/rrd/ssh/daily-ssh.png new file mode 100644 index 000000000..22e912090 Binary files /dev/null and b/web/api/v1/rrd/ssh/daily-ssh.png differ diff --git a/web/api/v1/rrd/ssh/monthly-ssh.png b/web/api/v1/rrd/ssh/monthly-ssh.png new file mode 100644 index 000000000..5fe439d90 Binary files /dev/null and b/web/api/v1/rrd/ssh/monthly-ssh.png differ diff --git a/web/api/v1/rrd/ssh/ssh.rrd b/web/api/v1/rrd/ssh/ssh.rrd new file mode 100644 index 000000000..93666c785 Binary files /dev/null and b/web/api/v1/rrd/ssh/ssh.rrd differ diff --git a/web/api/v1/rrd/ssh/weekly-ssh.png b/web/api/v1/rrd/ssh/weekly-ssh.png new file mode 100644 index 000000000..3f2c28662 Binary files /dev/null and b/web/api/v1/rrd/ssh/weekly-ssh.png differ diff --git a/web/api/v1/rrd/ssh/yearly-ssh.png b/web/api/v1/rrd/ssh/yearly-ssh.png new file mode 100644 index 000000000..8cbabc57d Binary files /dev/null and b/web/api/v1/rrd/ssh/yearly-ssh.png differ diff --git a/web/api/v1/rrd/web/daily-httpd.png b/web/api/v1/rrd/web/daily-httpd.png new file mode 100644 index 000000000..0b3a802e7 Binary files /dev/null and b/web/api/v1/rrd/web/daily-httpd.png differ diff --git a/web/api/v1/rrd/web/daily-nginx.png b/web/api/v1/rrd/web/daily-nginx.png new file mode 100644 index 000000000..b1eb9af79 Binary files /dev/null and b/web/api/v1/rrd/web/daily-nginx.png differ diff --git a/web/api/v1/rrd/web/httpd.rrd b/web/api/v1/rrd/web/httpd.rrd new file mode 100644 index 000000000..870317a58 Binary files /dev/null and b/web/api/v1/rrd/web/httpd.rrd differ diff --git a/web/api/v1/rrd/web/monthly-httpd.png b/web/api/v1/rrd/web/monthly-httpd.png new file mode 100644 index 000000000..5fa080677 Binary files /dev/null and b/web/api/v1/rrd/web/monthly-httpd.png differ diff --git a/web/api/v1/rrd/web/monthly-nginx.png b/web/api/v1/rrd/web/monthly-nginx.png new file mode 100644 index 000000000..bee3a7517 Binary files /dev/null and b/web/api/v1/rrd/web/monthly-nginx.png differ 
diff --git a/web/api/v1/rrd/web/nginx.rrd b/web/api/v1/rrd/web/nginx.rrd new file mode 100644 index 000000000..03f655c0e Binary files /dev/null and b/web/api/v1/rrd/web/nginx.rrd differ diff --git a/web/api/v1/rrd/web/weekly-httpd.png b/web/api/v1/rrd/web/weekly-httpd.png new file mode 100644 index 000000000..5f9c1ce58 Binary files /dev/null and b/web/api/v1/rrd/web/weekly-httpd.png differ diff --git a/web/api/v1/rrd/web/weekly-nginx.png b/web/api/v1/rrd/web/weekly-nginx.png new file mode 100644 index 000000000..34cb37cbb Binary files /dev/null and b/web/api/v1/rrd/web/weekly-nginx.png differ diff --git a/web/api/v1/rrd/web/yearly-httpd.png b/web/api/v1/rrd/web/yearly-httpd.png new file mode 100644 index 000000000..867c9db03 Binary files /dev/null and b/web/api/v1/rrd/web/yearly-httpd.png differ diff --git a/web/api/v1/rrd/web/yearly-nginx.png b/web/api/v1/rrd/web/yearly-nginx.png new file mode 100644 index 000000000..bef0d74a4 Binary files /dev/null and b/web/api/v1/rrd/web/yearly-nginx.png differ diff --git a/web/api/v1/rrd/weekly.rrd b/web/api/v1/rrd/weekly.rrd new file mode 100644 index 000000000..e69de29bb diff --git a/web/api/v1/rrd/yearly.rrd b/web/api/v1/rrd/yearly.rrd new file mode 100644 index 000000000..e69de29bb diff --git a/web/api/v1/schedule/restore/index.php b/web/api/v1/schedule/restore/index.php new file mode 100644 index 000000000..6816fefb0 --- /dev/null +++ b/web/api/v1/schedule/restore/index.php @@ -0,0 +1,52 @@ +', $output); + if (empty($_SESSION['error_msg'])) { + $_SESSION['error_msg'] = __('Error: vesta did not return any output.'); + } + if ($return_var == 4) { + $_SESSION['error_msg'] = __('RESTORE_EXISTS'); + } +} + +$result = array( + 'ok' => $_SESSION['ok_msg'], + 'error' => $_SESSION['error_msg'], +); + +echo json_encode($result); +unset($_SESSION['error_msg']); +unset($_SESSION['ok_msg']); diff --git a/web/api/v1/search/index.php b/web/api/v1/search/index.php new file mode 100644 index 000000000..e13e12ee4 --- /dev/null 
+++ b/web/api/v1/search/index.php 
@@ -0,0 +1,149 @@
+ $value) {
+ ++$i;
+
+ if ($value['SUSPENDED'] == 'yes') {
+ $data[$key]['status'] = __('suspended');
+ $data[$key]['spnd_action'] = __('unsuspend');
+ } else {
+ $data[$key]['status'] = __('active');
+ $data[$key]['spnd_action'] = __('suspend');
+ }
+
+ if ($value['TYPE'] == 'db') {
+ $data[$key]['object'] = 'database';
+ } else {
+ $data[$key]['object'] = strtolower($value['TYPE'] . ' ' . $value['KEY']);
+ }
+
+ $uniq_id = $value['TYPE'] . '-';
+ if ($value['KEY'] == 'ACCOUNT'){
+ $uniq_id .= 'acc-';
+ }
+ $uniq_id .= sha1($value['RESULT']);
+ $data[$key]['uniq_id'] = $uniq_id;
+
+ if ($value['KEY'] == 'RECORD') {
+ $data[$key]['edit_link'] = '/edit/'.$value['TYPE'].'/?domain='.$value['PARENT'].'&record_id='.$value['LINK'].'&user='.$value['USER'];
+ }
+ if ($value['KEY'] == 'ACCOUNT') {
+ $data[$key]['edit_link'] = '/edit/'.$value['TYPE'].'/?domain='.$value['PARENT'].'&account='.$value['LINK'].'&user='.$value['USER'];
+ }
+ if ($value['KEY'] == 'JOB') {
+ $data[$key]['edit_link'] = '/edit/'.$value['TYPE'].'/?job='.$value['LINK'].'&user='.$value['USER'];
+ }
+ if ($value['KEY'] == 'DATABASE') {
+ $data[$key]['edit_link'] = '/edit/'.$value['TYPE'].'/?database='.$value['RESULT'].'&user='.$value['USER'];
+ }
+ if (($value['KEY'] != 'RECORD') && ($value['KEY'] != 'ACCOUNT') && ($value['KEY'] != 'JOB') && ($value['KEY'] != 'DATABASE') ) {
+ $data[$key]['edit_link'] = '/edit/'.$value['TYPE'].'/?'.strtolower($value['KEY']).'='.$value['RESULT'].'&user='.$value['USER'];
+ }
+
+ if ($value['KEY'] == 'RECORD') {
+ $data[$key]['spnd_link'] = $spnd_action.'/'.$value['TYPE'].'/?domain='.$value['PARENT'].'&record_id='.$value['LINK'].'&user='.$value['USER'];
+ $data[$key]['spnd_confirmation'] = __('SUSPEND_RECORD_CONFIRMATION', $key);
+ }
+ if ($value['KEY'] == 'ACCOUNT') {
+ $data[$key]['spnd_link'] = $spnd_action.'/'.$value['TYPE'].'/?domain='.$value['PARENT'].'&account='.$value['LINK'].'&user='.$value['USER'];
+ $data[$key]['spnd_confirmation'] = 
__('SUSPEND_USER_CONFIRMATION', $key);
+ }
+ if ($value['KEY'] == 'JOB') {
+ $data[$key]['spnd_link'] = $spnd_action.'/'.$value['TYPE'].'/?job='.$value['LINK'].'&user='.$value['USER'];
+ $data[$key]['spnd_confirmation'] = __('SUSPEND_CRON_CONFIRMATION', $key);
+ }
+ if ($value['KEY'] == 'DATABASE') {
+ $data[$key]['spnd_link'] = $spnd_action.'/'.$value['TYPE'].'/?database='.$value['RESULT'].'&user='.$value['USER'];
+ $data[$key]['spnd_confirmation'] = __('SUSPEND_DATABASE_CONFIRMATION', $key);
+ }
+ if (($value['KEY'] != 'RECORD') && ($value['KEY'] != 'ACCOUNT') && ($value['KEY'] != 'JOB') && ($value['KEY'] != 'DATABASE') ) {
+ $data[$key]['spnd_link'] = $spnd_action.'/'.$value['TYPE'].'/?'.strtolower($value['KEY']).'='.$value['RESULT'].'&user='.$value['USER'];
+ $data[$key]['spnd_confirmation'] = __('SUSPEND_DOMAIN_CONFIRMATION', $key);
+ }
+
+ if ($value['KEY'] == 'RECORD') {
+ $data[$key]['delete_link'] = '/delete/'.$value['TYPE'].'/?domain='.$value['PARENT'].'&record_id='.$value['LINK'].'&user='.$value['USER'];
+ $data[$key]['delete_confirmation'] = __('DELETE_RECORD_CONFIRMATION', $key);
+ }
+ if ($value['KEY'] == 'ACCOUNT') {
+ $data[$key]['delete_link'] = '/delete/'.$value['TYPE'].'/?domain='.$value['PARENT'].'&account='.$value['LINK'].'&user='.$value['USER'];
+ $data[$key]['delete_confirmation'] = __('DELETE_USER_CONFIRMATION', $key);
+ }
+ if ($value['KEY'] == 'JOB') {
+ $data[$key]['delete_link'] = '/delete/'.$value['TYPE'].'/?job='.$value['LINK'].'&user='.$value['USER'];
+ $data[$key]['delete_confirmation'] = __('DELETE_CRON_CONFIRMATION', $key);
+ }
+ if ($value['KEY'] == 'DATABASE') {
+ $data[$key]['delete_link'] = '/delete/'.$value['TYPE'].'/?database='.$value['RESULT'].'&user='.$value['USER'];
+ $data[$key]['delete_confirmation'] = __('DELETE_DATABASE_CONFIRMATION', $key);
+ }
+ if (($value['KEY'] != 'RECORD') && ($value['KEY'] != 'ACCOUNT') && ($value['KEY'] != 'JOB') && ($value['KEY'] != 'DATABASE') ) {
+ $data[$key]['delete_link'] = 
'/delete/'.$value['TYPE'].'/?'.strtolower($value['KEY']).'='.$value['RESULT'].'&user='.$value['USER'];
+ $data[$key]['delete_confirmation'] = __('DELETE_DOMAIN_CONFIRMATION', $key);
+ }
+
+ if ($value['TYPE'] == 'user') {
+ if ($key == $user) {
+ $data[$key]['logout_link'] = '/logout';
+ } else {
+ $data[$key]['login_as_link'] = '/login/?loginas='.$data[$key]['USER'];
+ }
+
+ $data[$key]['spnd_confirmation'] = $value['SUSPENDED'] == 'yes' ? __('UNSUSPEND_USER_CONFIRMATION', $value['USER']) : __('SUSPEND_USER_CONFIRMATION', $value['USER']);
+ $data[$key]['delete_confirmation'] = __('DELETE_USER_CONFIRMATION', $value['USER']);
+ }
+
+ $data[$key]['ALIAS'] = str_replace(',', ', ', $value['ALIAS']);
+
+ $data[$key]['STARRED'] = 0;
+ if($_COOKIE[$uniq_id] == 1) {
+ $data[$key]['STARRED'] = 1;
+ }
+
+ if ( $i == 1) {
+ $total = __('1 object');
+ } else {
+ $total = __('%s objects',$i);
+ }
+}
+
+$result = array(
+ 'data' => $data,
+ 'total' => isset($total) ? $total : __('%s objects', 0)
+);
+
+echo json_encode($result);
diff --git a/web/api/v1/start/service/index.php b/web/api/v1/start/service/index.php
new file mode 100644
index 000000000..4cdb33417
--- /dev/null
+++ b/web/api/v1/start/service/index.php
@@ -0,0 +1,27 @@
+', $output);
+ if (empty($error)) $error = __('SERVICE_ACTION_FAILED',__('start'),$v_service);;
+ $_SESSION['error_srv'] = $error;
+ }
+ unset($output);
+}
+
+echo json_encode(array('error' => $_SESSION['error_msg']));
+unset($_SESSION['error_msg']);
diff --git a/web/api/v1/stop/service/index.php b/web/api/v1/stop/service/index.php
new file mode 100644
index 000000000..cc0308eb0
--- /dev/null
+++ b/web/api/v1/stop/service/index.php
@@ -0,0 +1,31 @@
+', $output);
+ if (empty($error)) {
+ $error = __('SERVICE_ACTION_FAILED', __('stop'), $v_service);
+ }
+
+ $_SESSION['error_srv'] = $error;
+ }
+ unset($output);
+}
+
+echo json_encode(array('error' => $_SESSION['error_msg']));
+unset($_SESSION['error_msg']);
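Review bot: The `spnd_link` values in web/api/v1/search/index.php are built from `$spnd_action`, but the visible loop only assigns `$data[$key]['spnd_action']`, and to a translated label, so unless `$spnd_action` is set in the part of the hunk missing from this page every suspend link loses its action segment. Derive the path from the status rather than the label, e.g. `$spnd_action = ($value['SUSPENDED'] == 'yes') ? '/unsuspend' : '/suspend';` at the top of the loop. The link parameters (`$value['PARENT']`, `$value['LINK']`, `$value['RESULT']`, `$value['USER']`) are also concatenated into query strings without `rawurlencode()`, so a value containing `&` or `#` would alter the parameters of the generated link.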
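Review bot: The failure branch in web/api/v1/start/service/index.php stores the message in `$_SESSION['error_srv']`, but the response reads and then clears `$_SESSION['error_msg']`, so unless `error_msg` is set in the missing part of the hunk a failed start reaches the client with no error. The stop/service/index.php hunk has the same mismatch, while the restart/service hunk writes `error_msg`. Change the assignment to `$_SESSION['error_msg'] = $error;` in both files, and drop the stray `;;` in the start variant. The `exec` call and the checks before it are in the part of each hunk that is missing from this page.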
diff --git a/web/api/v1/suspend/cron/index.php b/web/api/v1/suspend/cron/index.php new file mode 100644 index 000000000..1f1ff7f63 --- /dev/null +++ b/web/api/v1/suspend/cron/index.php @@ -0,0 +1,30 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/suspend/db/index.php b/web/api/v1/suspend/db/index.php new file mode 100644 index 000000000..99ba32273 --- /dev/null +++ b/web/api/v1/suspend/db/index.php @@ -0,0 +1,32 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/suspend/dns/index.php b/web/api/v1/suspend/dns/index.php new file mode 100644 index 000000000..20be390b6 --- /dev/null +++ b/web/api/v1/suspend/dns/index.php @@ -0,0 +1,43 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/suspend/firewall/index.php b/web/api/v1/suspend/firewall/index.php new file mode 100644 index 000000000..3b5d2e809 --- /dev/null +++ b/web/api/v1/suspend/firewall/index.php @@ -0,0 +1,27 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/suspend/mail/index.php b/web/api/v1/suspend/mail/index.php new file mode 100644 index 000000000..57c04e7cc --- /dev/null +++ b/web/api/v1/suspend/mail/index.php @@ -0,0 +1,43 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/suspend/user/index.php b/web/api/v1/suspend/user/index.php new file mode 100644 index 000000000..801330f85 --- /dev/null +++ b/web/api/v1/suspend/user/index.php @@ -0,0 +1,27 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/suspend/web/index.php b/web/api/v1/suspend/web/index.php new file mode 100644 index 000000000..a723c0ec5 --- /dev/null +++ b/web/api/v1/suspend/web/index.php @@ -0,0 +1,33 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/unsuspend/cron/index.php b/web/api/v1/unsuspend/cron/index.php new file mode 100644 index 000000000..7be16ea4f --- /dev/null 
+++ b/web/api/v1/unsuspend/cron/index.php @@ -0,0 +1,33 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/unsuspend/db/index.php b/web/api/v1/unsuspend/db/index.php new file mode 100644 index 000000000..9ebe01c34 --- /dev/null +++ b/web/api/v1/unsuspend/db/index.php @@ -0,0 +1,34 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/unsuspend/dns/index.php b/web/api/v1/unsuspend/dns/index.php new file mode 100644 index 000000000..daf9a9911 --- /dev/null +++ b/web/api/v1/unsuspend/dns/index.php @@ -0,0 +1,52 @@ +', $output); + if (empty($error)) $error = __('Error: vesta did not return any output.'); + $_SESSION['error_msg'] = $error; + } + unset($output); +} + +// DNS record +if ((!empty($_GET['domain'])) && (!empty($_GET['record_id']))) { + $v_username = escapeshellarg($user); + $v_domain = escapeshellarg($_GET['domain']); + $v_record_id = escapeshellarg($_GET['record_id']); + exec (VESTA_CMD."v-unsuspend-dns-record ".$v_username." ".$v_domain." ".$v_record_id, $output, $return_var); + if ($return_var != 0) { + $error = implode('
', $output); + if (empty($error)) $error = __('Error: vesta did not return any output.'); + $_SESSION['error_msg'] = $error; + } + unset($output); +} + +echo json_encode(array('error' => $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/unsuspend/firewall/index.php b/web/api/v1/unsuspend/firewall/index.php new file mode 100644 index 000000000..100fe0d13 --- /dev/null +++ b/web/api/v1/unsuspend/firewall/index.php @@ -0,0 +1,28 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/unsuspend/mail/index.php b/web/api/v1/unsuspend/mail/index.php new file mode 100644 index 000000000..3f7f6ad42 --- /dev/null +++ b/web/api/v1/unsuspend/mail/index.php @@ -0,0 +1,52 @@ +', $output); + if (empty($error)) $error = __('Error: vesta did not return any output.'); + $_SESSION['error_msg'] = $error; + } + unset($output); +} + +// Mail account +if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) { + $v_username = escapeshellarg($user); + $v_domain = escapeshellarg($_GET['domain']); + $v_account = escapeshellarg($_GET['account']); + exec (VESTA_CMD."v-unsuspend-mail-account ".$v_username." ".$v_domain." ".$v_account, $output, $return_var); + if ($return_var != 0) { + $error = implode('
', $output); + if (empty($error)) $error = __('Error: vesta did not return any output.'); + $_SESSION['error_msg'] = $error; + } + unset($output); +} + +echo json_encode(array('error' => $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/unsuspend/user/index.php b/web/api/v1/unsuspend/user/index.php new file mode 100644 index 000000000..140e5564e --- /dev/null +++ b/web/api/v1/unsuspend/user/index.php @@ -0,0 +1,28 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/unsuspend/web/index.php b/web/api/v1/unsuspend/web/index.php new file mode 100644 index 000000000..b95e9f7db --- /dev/null +++ b/web/api/v1/unsuspend/web/index.php @@ -0,0 +1,30 @@ + $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/update/vesta/index.php b/web/api/v1/update/vesta/index.php new file mode 100644 index 000000000..7a0e4b203 --- /dev/null +++ b/web/api/v1/update/vesta/index.php @@ -0,0 +1,29 @@ +', $output); + if (empty($error)) $error = 'Error: '.$v_pkg.' update failed'; + $_SESSION['error_msg'] = $error; + } + unset($output); +} + +echo json_encode(array('error' => $_SESSION['error_msg'])); +unset($_SESSION['error_msg']); diff --git a/web/api/v1/upload/UploadHandler.php b/web/api/v1/upload/UploadHandler.php new file mode 100755 index 000000000..aedd747ca --- /dev/null +++ b/web/api/v1/upload/UploadHandler.php 
@@ -0,0 +1,1404 @@ + 'The uploaded file exceeds the upload_max_filesize directive in php.ini', + 2 => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form', + 3 => 'The uploaded file was only partially uploaded', + 4 => 'No file was uploaded', + 6 => 'Missing a temporary folder', + 7 => 'Failed to write file to disk', + 8 => 'A PHP extension stopped the file upload', + 'post_max_size' => 'The uploaded file exceeds the post_max_size directive in php.ini', + 'max_file_size' => 'File is too big', + 'min_file_size' => 'File is too small', + 'accept_file_types' => 'Filetype not allowed', + 'max_number_of_files' => 'Maximum number of files exceeded', + 'max_width' => 'Image exceeds maximum width', + 'min_width' => 'Image requires a minimum width', + 'max_height' => 'Image exceeds maximum height', + 'min_height' => 'Image requires a minimum height', + 'abort' => 'File upload aborted', + 'image_resize' => 'Failed to resize image' + ); + + protected $image_objects = array(); + + function __construct($options = null, $initialize = true, $error_messages = null) { + $this->options = array( + 'script_url' => $this->get_full_url().'/', + 'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/files/', + 'upload_url' => $this->get_full_url().'/files/', + 'user_dirs' => false, + 'mkdir_mode' => 0755, + 'param_name' => 'files', + // Set the following option to 'POST', if your server does not support + // DELETE requests. This is a parameter sent to the client: + 'delete_type' => 'DELETE', + 'access_control_allow_origin' => '*', + 'access_control_allow_credentials' => false, + 'access_control_allow_methods' => array( + 'OPTIONS', + 'HEAD', + 'GET', + 'POST', + 'PUT', + 'PATCH', + 'DELETE' + ), + 'access_control_allow_headers' => array( + 'Content-Type', + 'Content-Range', + 'Content-Disposition' + ), + // Enable to provide file downloads via GET requests to the PHP script: + // 1. 
Set to 1 to download files via readfile method through PHP + // 2. Set to 2 to send a X-Sendfile header for lighttpd/Apache + // 3. Set to 3 to send a X-Accel-Redirect header for nginx + // If set to 2 or 3, adjust the upload_url option to the base path of + // the redirect parameter, e.g. '/files/'. + 'download_via_php' => false, + // Read files in chunks to avoid memory limits when download_via_php + // is enabled, set to 0 to disable chunked reading of files: + 'readfile_chunk_size' => 10 * 1024 * 1024, // 10 MiB + // Defines which files can be displayed inline when downloaded: + 'inline_file_types' => '/\.(gif|jpe?g|png)$/i', + // Defines which files (based on their names) are accepted for upload: + 'accept_file_types' => '/.+$/i', + // The php.ini settings upload_max_filesize and post_max_size + // take precedence over the following max_file_size setting: + 'max_file_size' => null, + 'min_file_size' => null, + // The maximum number of files for the upload directory: + 'max_number_of_files' => null, + // Defines which files are handled as image files: + 'image_file_types' => '/\.(gif|jpe?g|png)$/i', + // Use exif_imagetype on all files to correct file extensions: + 'correct_image_extensions' => false, + // Image resolution restrictions: + 'max_width' => null, + 'max_height' => null, + 'min_width' => 1, + 'min_height' => 1, + // Set the following option to false to enable resumable uploads: + 'discard_aborted_uploads' => true, + // Set to 0 to use the GD library to scale and orient images, + // set to 1 to use imagick (if installed, falls back to GD), + // set to 2 to use the ImageMagick convert binary directly: + 'image_library' => 1, + // Uncomment the following to define an array of resource limits + // for imagick: + /* + 'imagick_resource_limits' => array( + imagick::RESOURCETYPE_MAP => 32, + imagick::RESOURCETYPE_MEMORY => 32 + ), + */ + // Command or path for to the ImageMagick convert binary: + 'convert_bin' => 'convert', + // Uncomment the following to 
add parameters in front of each + // ImageMagick convert call (the limit constraints seem only + // to have an effect if put in front): + /* + 'convert_params' => '-limit memory 32MiB -limit map 32MiB', + */ + // Command or path for to the ImageMagick identify binary: + 'identify_bin' => 'identify', + 'image_versions' => array( + // The empty image version key defines options for the original image: + '' => array( + // Automatically rotate images based on EXIF meta data: + 'auto_orient' => true + ), + // Uncomment the following to create medium sized images: + /* + 'medium' => array( + 'max_width' => 800, + 'max_height' => 600 + ), + */ + 'thumbnail' => array( + // Uncomment the following to use a defined directory for the thumbnails + // instead of a subdirectory based on the version identifier. + // Make sure that this directory doesn't allow execution of files if you + // don't pose any restrictions on the type of uploaded files, e.g. by + // copying the .htaccess file from the files directory for Apache: + //'upload_dir' => dirname($this->get_server_var('SCRIPT_FILENAME')).'/thumb/', + //'upload_url' => $this->get_full_url().'/thumb/', + // Uncomment the following to force the max + // dimensions and e.g. 
create square thumbnails: + //'crop' => true, + 'max_width' => 80, + 'max_height' => 80 + ) + ) + ); + if ($options) { + $this->options = $options + $this->options; + } + if ($error_messages) { + $this->error_messages = $error_messages + $this->error_messages; + } + if ($initialize) { + $this->initialize(); + } + } + + protected function initialize() { + switch ($this->get_server_var('REQUEST_METHOD')) { + case 'OPTIONS': + case 'HEAD': + $this->head(); + break; + case 'GET': + $this->get(); + break; + case 'PATCH': + case 'PUT': + case 'POST': + $this->post(); + break; + case 'DELETE': + $this->delete(); + break; + default: + $this->header('HTTP/1.1 405 Method Not Allowed'); + } + } + + protected function get_full_url() { + $https = !empty($_SERVER['HTTPS']) && strcasecmp($_SERVER['HTTPS'], 'on') === 0 || + !empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && + strcasecmp($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') === 0; + return + ($https ? 'https://' : 'http://'). + (!empty($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'].'@' : ''). + (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : ($_SERVER['SERVER_NAME']. + ($https && $_SERVER['SERVER_PORT'] === 443 || + $_SERVER['SERVER_PORT'] === 80 ? '' : ':'.$_SERVER['SERVER_PORT']))). + substr($_SERVER['SCRIPT_NAME'],0, strrpos($_SERVER['SCRIPT_NAME'], '/')); + } + + protected function get_user_id() { + @session_start(); + return session_id(); + } + + protected function get_user_path() { + if ($this->options['user_dirs']) { + return $this->get_user_id().'/'; + } + return ''; + } + + protected function get_upload_path($file_name = null, $version = null) { + $relocate_directory = $_GET['dir']; + if (empty($relocate_directory)) { + $relocate_directory = '/home/admin/'; // fallback dir + } + if ($relocate_directory[strlen($relocate_directory) -1] != '/') { + $relocate_directory .= '/'; + } + $file_name = $file_name ? 
$file_name : ''; + if (empty($version)) { + $version_path = ''; + } else { + $version_dir = @$this->options['image_versions'][$version]['upload_dir']; + if ($version_dir) { + return $version_dir.$this->get_user_path().$file_name; + } + $version_path = $version.'/'; + } + //return $this->options['upload_dir'].$this->get_user_path() + // .$version_path.$file_name; + return $relocate_directory + .$version_path.$file_name; + } + + protected function get_query_separator($url) { + return strpos($url, '?') === false ? '?' : '&'; + } + + protected function get_download_url($file_name, $version = null, $direct = false) { + if (!$direct && $this->options['download_via_php']) { + $url = $this->options['script_url'] + .$this->get_query_separator($this->options['script_url']) + .$this->get_singular_param_name() + .'='.rawurlencode($file_name); + if ($version) { + $url .= '&version='.rawurlencode($version); + } + return $url.'&download=1'; + } + if (empty($version)) { + $version_path = ''; + } else { + $version_url = @$this->options['image_versions'][$version]['upload_url']; + if ($version_url) { + return $version_url.$this->get_user_path().rawurlencode($file_name); + } + $version_path = rawurlencode($version).'/'; + } + return $this->options['upload_url'].$this->get_user_path() + .$version_path.rawurlencode($file_name); + } + + protected function set_additional_file_properties($file) { + $file->deleteUrl = $this->options['script_url'] + .$this->get_query_separator($this->options['script_url']) + .$this->get_singular_param_name() + .'='.rawurlencode($file->name); + $file->deleteType = $this->options['delete_type']; + if ($file->deleteType !== 'DELETE') { + $file->deleteUrl .= '&_method=DELETE'; + } + if ($this->options['access_control_allow_credentials']) { + $file->deleteWithCredentials = true; + } + } + + // Fix for overflowing signed 32 bit integers, + // works for sizes up to 2^32-1 bytes (4 GiB - 1): + protected function fix_integer_overflow($size) { + if ($size < 0) { + 
$size += 2.0 * (PHP_INT_MAX + 1); + } + return $size; + } + + protected function get_file_size($file_path, $clear_stat_cache = false) { + if ($clear_stat_cache) { + if (version_compare(PHP_VERSION, '5.3.0') >= 0) { + clearstatcache(true, $file_path); + } else { + clearstatcache(); + } + } + + return $this->fix_integer_overflow(filesize($file_path)); + } + + protected function is_valid_file_object($file_name) { + $file_path = $this->get_upload_path($file_name); + if (is_file($file_path) && $file_name[0] !== '.') { + return true; + } + return false; + } + + protected function get_file_object($file_name) { + if ($this->is_valid_file_object($file_name)) { + $file = new \stdClass(); + $file->name = $file_name; + $file->size = $this->get_file_size( + $this->get_upload_path($file_name) + ); + $file->url = $this->get_download_url($file->name); + foreach($this->options['image_versions'] as $version => $options) { + if (!empty($version)) { + if (is_file($this->get_upload_path($file_name, $version))) { + $file->{$version.'Url'} = $this->get_download_url( + $file->name, + $version + ); + } + } + } + $this->set_additional_file_properties($file); + return $file; + } + return null; + } + + protected function get_file_objects($iteration_method = 'get_file_object') { + $upload_dir = $this->get_upload_path(); + if (!is_dir($upload_dir)) { + return array(); + } + return array_values(array_filter(array_map( + array($this, $iteration_method), + scandir($upload_dir) + ))); + } + + protected function count_file_objects() { + return count($this->get_file_objects('is_valid_file_object')); + } + + protected function get_error_message($error) { + return array_key_exists($error, $this->error_messages) ? 
+ $this->error_messages[$error] : $error; + } + + function get_config_bytes($val) { + $val = trim($val); + $last = strtolower($val[strlen($val)-1]); + switch($last) { + case 'g': + $val *= 1024; + case 'm': + $val *= 1024; + case 'k': + $val *= 1024; + } + return $this->fix_integer_overflow($val); + } + + protected function validate($uploaded_file, $file, $error, $index) { + if ($error) { + $file->error = $this->get_error_message($error); + return false; + } + $content_length = $this->fix_integer_overflow(intval( + $this->get_server_var('CONTENT_LENGTH') + )); + $post_max_size = $this->get_config_bytes(ini_get('post_max_size')); + if ($post_max_size && ($content_length > $post_max_size)) { + $file->error = $this->get_error_message('post_max_size'); + return false; + } + if (!preg_match($this->options['accept_file_types'], $file->name)) { + $file->error = $this->get_error_message('accept_file_types'); + return false; + } + if ($uploaded_file && is_uploaded_file($uploaded_file)) { + $file_size = $this->get_file_size($uploaded_file); + } else { + $file_size = $content_length; + } + if ($this->options['max_file_size'] && ( + $file_size > $this->options['max_file_size'] || + $file->size > $this->options['max_file_size']) + ) { + $file->error = $this->get_error_message('max_file_size'); + return false; + } + if ($this->options['min_file_size'] && + $file_size < $this->options['min_file_size']) { + $file->error = $this->get_error_message('min_file_size'); + return false; + } + if (is_int($this->options['max_number_of_files']) && + ($this->count_file_objects() >= $this->options['max_number_of_files']) && + // Ignore additional chunks of existing files: + !is_file($this->get_upload_path($file->name))) { + $file->error = $this->get_error_message('max_number_of_files'); + return false; + } + $max_width = @$this->options['max_width']; + $max_height = @$this->options['max_height']; + $min_width = @$this->options['min_width']; + $min_height = @$this->options['min_height']; + if 
(($max_width || $max_height || $min_width || $min_height) + && preg_match($this->options['image_file_types'], $file->name)) { + list($img_width, $img_height) = $this->get_image_size($uploaded_file); + } + if (!empty($img_width)) { + if ($max_width && $img_width > $max_width) { + $file->error = $this->get_error_message('max_width'); + return false; + } + if ($max_height && $img_height > $max_height) { + $file->error = $this->get_error_message('max_height'); + return false; + } + if ($min_width && $img_width < $min_width) { + $file->error = $this->get_error_message('min_width'); + return false; + } + if ($min_height && $img_height < $min_height) { + $file->error = $this->get_error_message('min_height'); + return false; + } + } + return true; + } + + protected function upcount_name_callback($matches) { + $index = isset($matches[1]) ? intval($matches[1]) + 1 : 1; + $ext = isset($matches[2]) ? $matches[2] : ''; + return ' ('.$index.')'.$ext; + } + + protected function upcount_name($name) { + return preg_replace_callback( + '/(?:(?: \(([\d]+)\))?(\.[^.]+))?$/', + array($this, 'upcount_name_callback'), + $name, + 1 + ); + } + + protected function sanitizeFileName($file) { + // (|\\?*<\":>+[]/') + // \|\\\?\*\<\"\'\:\>\+\[\] + $file = preg_replace("/'/", '', $file); + + return $file; + } + + protected function get_unique_filename($file_path, $name, $size, $type, $error, + $index, $content_range) { + $name = $this->sanitizeFileName($name); + + while(is_dir($this->get_upload_path($name))) { + $name = $this->upcount_name($name); + } + // Keep an existing filename if this is part of a chunked upload: + $uploaded_bytes = $this->fix_integer_overflow(intval($content_range[1])); + while(is_file($this->get_upload_path($name))) { + if ($uploaded_bytes === $this->get_file_size( + $this->get_upload_path($name))) { + break; + } + $name = $this->upcount_name($name); + } + return $name; + } + + protected function fix_file_extension($file_path, $name, $size, $type, $error, + $index, 
$content_range) { + // Add missing file extension for known image types: + if (strpos($name, '.') === false && + preg_match('/^image\/(gif|jpe?g|png)/', $type, $matches)) { + $name .= '.'.$matches[1]; + } + if ($this->options['correct_image_extensions'] && + function_exists('exif_imagetype')) { + switch(@exif_imagetype($file_path)){ + case IMAGETYPE_JPEG: + $extensions = array('jpg', 'jpeg'); + break; + case IMAGETYPE_PNG: + $extensions = array('png'); + break; + case IMAGETYPE_GIF: + $extensions = array('gif'); + break; + } + // Adjust incorrect image file extensions: + if (!empty($extensions)) { + $parts = explode('.', $name); + $extIndex = count($parts) - 1; + $ext = strtolower(@$parts[$extIndex]); + if (!in_array($ext, $extensions)) { + $parts[$extIndex] = $extensions[0]; + $name = implode('.', $parts); + } + } + } + return $name; + } + + protected function trim_file_name($file_path, $name, $size, $type, $error, + $index, $content_range) { + // Remove path information and dots around the filename, to prevent uploading + // into different directories or replacing hidden system files. 
+ // Also remove control characters and spaces (\x00..\x20) around the filename: + $name = trim(basename(stripslashes($name)), ".\x00..\x20"); + // Use a timestamp for empty filenames: + if (!$name) { + $name = str_replace('.', '-', microtime(true)); + } + return $name; + } + + protected function get_file_name($file_path, $name, $size, $type, $error, + $index, $content_range) { + $name = $this->trim_file_name($file_path, $name, $size, $type, $error, + $index, $content_range); + return $this->get_unique_filename( + $file_path, + $this->fix_file_extension($file_path, $name, $size, $type, $error, + $index, $content_range), + $size, + $type, + $error, + $index, + $content_range + ); + } + + protected function get_current_file_name($file_path, $name, $size, $type, $error, + $index, $content_range) { + + $name = $this->trim_file_name($file_path, $name, $size, $type, $error, $index, $content_range); + + + return $this->get_unique_filename( + $file_path, + $this->fix_file_extension($file_path, $name, $size, $type, $error, + $index, $content_range), + $size, + $type, + $error, + $index, + $content_range + ); + } + + + protected function handle_form_data($file, $index) { + // Handle form data, e.g. 
$_REQUEST['description'][$index] + } + + protected function get_scaled_image_file_paths($file_name, $version) { + $file_path = $this->get_upload_path($file_name); + if (!empty($version)) { + $version_dir = $this->get_upload_path(null, $version); + if (!is_dir($version_dir)) { + mkdir($version_dir, $this->options['mkdir_mode'], true); + } + $new_file_path = $version_dir.'/'.$file_name; + } else { + $new_file_path = $file_path; + } + return array($file_path, $new_file_path); + } + + protected function gd_get_image_object($file_path, $func, $no_cache = false) { + if (empty($this->image_objects[$file_path]) || $no_cache) { + $this->gd_destroy_image_object($file_path); + $this->image_objects[$file_path] = $func($file_path); + } + return $this->image_objects[$file_path]; + } + + protected function gd_set_image_object($file_path, $image) { + $this->gd_destroy_image_object($file_path); + $this->image_objects[$file_path] = $image; + } + + protected function gd_destroy_image_object($file_path) { + $image = (isset($this->image_objects[$file_path])) ? 
$this->image_objects[$file_path] : null ; + return $image && imagedestroy($image); + } + + protected function gd_imageflip($image, $mode) { + if (function_exists('imageflip')) { + return imageflip($image, $mode); + } + $new_width = $src_width = imagesx($image); + $new_height = $src_height = imagesy($image); + $new_img = imagecreatetruecolor($new_width, $new_height); + $src_x = 0; + $src_y = 0; + switch ($mode) { + case '1': // flip on the horizontal axis + $src_y = $new_height - 1; + $src_height = -$new_height; + break; + case '2': // flip on the vertical axis + $src_x = $new_width - 1; + $src_width = -$new_width; + break; + case '3': // flip on both axes + $src_y = $new_height - 1; + $src_height = -$new_height; + $src_x = $new_width - 1; + $src_width = -$new_width; + break; + default: + return $image; + } + imagecopyresampled( + $new_img, + $image, + 0, + 0, + $src_x, + $src_y, + $new_width, + $new_height, + $src_width, + $src_height + ); + return $new_img; + } + + protected function gd_orient_image($file_path, $src_img) { + if (!function_exists('exif_read_data')) { + return false; + } + $exif = @exif_read_data($file_path); + if ($exif === false) { + return false; + } + $orientation = intval(@$exif['Orientation']); + if ($orientation < 2 || $orientation > 8) { + return false; + } + switch ($orientation) { + case 2: + $new_img = $this->gd_imageflip( + $src_img, + defined('IMG_FLIP_VERTICAL') ? IMG_FLIP_VERTICAL : 2 + ); + break; + case 3: + $new_img = imagerotate($src_img, 180, 0); + break; + case 4: + $new_img = $this->gd_imageflip( + $src_img, + defined('IMG_FLIP_HORIZONTAL') ? IMG_FLIP_HORIZONTAL : 1 + ); + break; + case 5: + $tmp_img = $this->gd_imageflip( + $src_img, + defined('IMG_FLIP_HORIZONTAL') ? IMG_FLIP_HORIZONTAL : 1 + ); + $new_img = imagerotate($tmp_img, 270, 0); + imagedestroy($tmp_img); + break; + case 6: + $new_img = imagerotate($src_img, 270, 0); + break; + case 7: + $tmp_img = $this->gd_imageflip( + $src_img, + defined('IMG_FLIP_VERTICAL') ? 
IMG_FLIP_VERTICAL : 2 + ); + $new_img = imagerotate($tmp_img, 270, 0); + imagedestroy($tmp_img); + break; + case 8: + $new_img = imagerotate($src_img, 90, 0); + break; + default: + return false; + } + $this->gd_set_image_object($file_path, $new_img); + return true; + } + + protected function gd_create_scaled_image($file_name, $version, $options) { + if (!function_exists('imagecreatetruecolor')) { + error_log('Function not found: imagecreatetruecolor'); + return false; + } + list($file_path, $new_file_path) = + $this->get_scaled_image_file_paths($file_name, $version); + $type = strtolower(substr(strrchr($file_name, '.'), 1)); + switch ($type) { + case 'jpg': + case 'jpeg': + $src_func = 'imagecreatefromjpeg'; + $write_func = 'imagejpeg'; + $image_quality = isset($options['jpeg_quality']) ? + $options['jpeg_quality'] : 75; + break; + case 'gif': + $src_func = 'imagecreatefromgif'; + $write_func = 'imagegif'; + $image_quality = null; + break; + case 'png': + $src_func = 'imagecreatefrompng'; + $write_func = 'imagepng'; + $image_quality = isset($options['png_quality']) ? 
+ $options['png_quality'] : 9; + break; + default: + return false; + } + $src_img = $this->gd_get_image_object( + $file_path, + $src_func, + !empty($options['no_cache']) + ); + $image_oriented = false; + if (!empty($options['auto_orient']) && $this->gd_orient_image( + $file_path, + $src_img + )) { + $image_oriented = true; + $src_img = $this->gd_get_image_object( + $file_path, + $src_func + ); + } + $max_width = $img_width = imagesx($src_img); + $max_height = $img_height = imagesy($src_img); + if (!empty($options['max_width'])) { + $max_width = $options['max_width']; + } + if (!empty($options['max_height'])) { + $max_height = $options['max_height']; + } + $scale = min( + $max_width / $img_width, + $max_height / $img_height + ); + if ($scale >= 1) { + if ($image_oriented) { + return $write_func($src_img, $new_file_path, $image_quality); + } + if ($file_path !== $new_file_path) { + return copy($file_path, $new_file_path); + } + return true; + } + if (empty($options['crop'])) { + $new_width = $img_width * $scale; + $new_height = $img_height * $scale; + $dst_x = 0; + $dst_y = 0; + $new_img = imagecreatetruecolor($new_width, $new_height); + } else { + if (($img_width / $img_height) >= ($max_width / $max_height)) { + $new_width = $img_width / ($img_height / $max_height); + $new_height = $max_height; + } else { + $new_width = $max_width; + $new_height = $img_height / ($img_width / $max_width); + } + $dst_x = 0 - ($new_width - $max_width) / 2; + $dst_y = 0 - ($new_height - $max_height) / 2; + $new_img = imagecreatetruecolor($max_width, $max_height); + } + // Handle transparency in GIF and PNG images: + switch ($type) { + case 'gif': + case 'png': + imagecolortransparent($new_img, imagecolorallocate($new_img, 0, 0, 0)); + case 'png': + imagealphablending($new_img, false); + imagesavealpha($new_img, true); + break; + } + $success = imagecopyresampled( + $new_img, + $src_img, + $dst_x, + $dst_y, + 0, + 0, + $new_width, + $new_height, + $img_width, + $img_height + ) && 
$write_func($new_img, $new_file_path, $image_quality); + $this->gd_set_image_object($file_path, $new_img); + return $success; + } + + protected function imagick_get_image_object($file_path, $no_cache = false) { + if (empty($this->image_objects[$file_path]) || $no_cache) { + $this->imagick_destroy_image_object($file_path); + $image = new \Imagick(); + if (!empty($this->options['imagick_resource_limits'])) { + foreach ($this->options['imagick_resource_limits'] as $type => $limit) { + $image->setResourceLimit($type, $limit); + } + } + $image->readImage($file_path); + $this->image_objects[$file_path] = $image; + } + return $this->image_objects[$file_path]; + } + + protected function imagick_set_image_object($file_path, $image) { + $this->imagick_destroy_image_object($file_path); + $this->image_objects[$file_path] = $image; + } + + protected function imagick_destroy_image_object($file_path) { + $image = (isset($this->image_objects[$file_path])) ? $this->image_objects[$file_path] : null ; + return $image && $image->destroy(); + } + + protected function imagick_orient_image($image) { + $orientation = $image->getImageOrientation(); + $background = new \ImagickPixel('none'); + switch ($orientation) { + case \imagick::ORIENTATION_TOPRIGHT: // 2 + $image->flopImage(); // horizontal flop around y-axis + break; + case \imagick::ORIENTATION_BOTTOMRIGHT: // 3 + $image->rotateImage($background, 180); + break; + case \imagick::ORIENTATION_BOTTOMLEFT: // 4 + $image->flipImage(); // vertical flip around x-axis + break; + case \imagick::ORIENTATION_LEFTTOP: // 5 + $image->flopImage(); // horizontal flop around y-axis + $image->rotateImage($background, 270); + break; + case \imagick::ORIENTATION_RIGHTTOP: // 6 + $image->rotateImage($background, 90); + break; + case \imagick::ORIENTATION_RIGHTBOTTOM: // 7 + $image->flipImage(); // vertical flip around x-axis + $image->rotateImage($background, 270); + break; + case \imagick::ORIENTATION_LEFTBOTTOM: // 8 + $image->rotateImage($background, 
270); + break; + default: + return false; + } + $image->setImageOrientation(\imagick::ORIENTATION_TOPLEFT); // 1 + return true; + } + + protected function imagick_create_scaled_image($file_name, $version, $options) { + list($file_path, $new_file_path) = + $this->get_scaled_image_file_paths($file_name, $version); + $image = $this->imagick_get_image_object( + $file_path, + !empty($options['no_cache']) + ); + if ($image->getImageFormat() === 'GIF') { + // Handle animated GIFs: + $images = $image->coalesceImages(); + foreach ($images as $frame) { + $image = $frame; + $this->imagick_set_image_object($file_name, $image); + break; + } + } + $image_oriented = false; + if (!empty($options['auto_orient'])) { + $image_oriented = $this->imagick_orient_image($image); + } + $new_width = $max_width = $img_width = $image->getImageWidth(); + $new_height = $max_height = $img_height = $image->getImageHeight(); + if (!empty($options['max_width'])) { + $new_width = $max_width = $options['max_width']; + } + if (!empty($options['max_height'])) { + $new_height = $max_height = $options['max_height']; + } + if (!($image_oriented || $max_width < $img_width || $max_height < $img_height)) { + if ($file_path !== $new_file_path) { + return copy($file_path, $new_file_path); + } + return true; + } + $crop = !empty($options['crop']); + if ($crop) { + $x = 0; + $y = 0; + if (($img_width / $img_height) >= ($max_width / $max_height)) { + $new_width = 0; // Enables proportional scaling based on max_height + $x = ($img_width / ($img_height / $max_height) - $max_width) / 2; + } else { + $new_height = 0; // Enables proportional scaling based on max_width + $y = ($img_height / ($img_width / $max_width) - $max_height) / 2; + } + } + $success = $image->resizeImage( + $new_width, + $new_height, + isset($options['filter']) ? $options['filter'] : \imagick::FILTER_LANCZOS, + isset($options['blur']) ? 
$options['blur'] : 1, + $new_width && $new_height // fit image into constraints if not to be cropped + ); + if ($success && $crop) { + $success = $image->cropImage( + $max_width, + $max_height, + $x, + $y + ); + if ($success) { + $success = $image->setImagePage($max_width, $max_height, 0, 0); + } + } + $type = strtolower(substr(strrchr($file_name, '.'), 1)); + switch ($type) { + case 'jpg': + case 'jpeg': + if (!empty($options['jpeg_quality'])) { + $image->setImageCompression(\imagick::COMPRESSION_JPEG); + $image->setImageCompressionQuality($options['jpeg_quality']); + } + break; + } + if (!empty($options['strip'])) { + $image->stripImage(); + } + return $success && $image->writeImage($new_file_path); + } + + protected function imagemagick_create_scaled_image($file_name, $version, $options) { + list($file_path, $new_file_path) = + $this->get_scaled_image_file_paths($file_name, $version); + $resize = @$options['max_width'] + .(empty($options['max_height']) ? '' : 'X'.$options['max_height']); + if (!$resize && empty($options['auto_orient'])) { + if ($file_path !== $new_file_path) { + return copy($file_path, $new_file_path); + } + return true; + } + $cmd = $this->options['convert_bin']; + if (!empty($this->options['convert_params'])) { + $cmd .= ' '.$this->options['convert_params']; + } + $cmd .= ' '.escapeshellarg($file_path); + if (!empty($options['auto_orient'])) { + $cmd .= ' -auto-orient'; + } + if ($resize) { + // Handle animated GIFs: + $cmd .= ' -coalesce'; + if (empty($options['crop'])) { + $cmd .= ' -resize '.escapeshellarg($resize.'>'); + } else { + $cmd .= ' -resize '.escapeshellarg($resize.'^'); + $cmd .= ' -gravity center'; + $cmd .= ' -crop '.escapeshellarg($resize.'+0+0'); + } + // Make sure the page dimensions are correct (fixes offsets of animated GIFs): + $cmd .= ' +repage'; + } + if (!empty($options['convert_params'])) { + $cmd .= ' '.$options['convert_params']; + } + $cmd .= ' '.escapeshellarg($new_file_path); + exec($cmd, $output, $error); + if 
($error) { + error_log(implode('\n', $output)); + return false; + } + return true; + } + + protected function get_image_size($file_path) { + if ($this->options['image_library']) { + if (extension_loaded('imagick')) { + $image = new \Imagick(); + try { + if (@$image->pingImage($file_path)) { + $dimensions = array($image->getImageWidth(), $image->getImageHeight()); + $image->destroy(); + return $dimensions; + } + return false; + } catch (Exception $e) { + error_log($e->getMessage()); + } + } + if ($this->options['image_library'] === 2) { + $cmd = $this->options['identify_bin']; + $cmd .= ' -ping '.escapeshellarg($file_path); + exec($cmd, $output, $error); + if (!$error && !empty($output)) { + // image.jpg JPEG 1920x1080 1920x1080+0+0 8-bit sRGB 465KB 0.000u 0:00.000 + $infos = preg_split('/\s+/', $output[0]); + $dimensions = preg_split('/x/', $infos[2]); + return $dimensions; + } + return false; + } + } + if (!function_exists('getimagesize')) { + error_log('Function not found: getimagesize'); + return false; + } + return @getimagesize($file_path); + } + + protected function create_scaled_image($file_name, $version, $options) { + if ($this->options['image_library'] === 2) { + return $this->imagemagick_create_scaled_image($file_name, $version, $options); + } + if ($this->options['image_library'] && extension_loaded('imagick')) { + return $this->imagick_create_scaled_image($file_name, $version, $options); + } + return $this->gd_create_scaled_image($file_name, $version, $options); + } + + protected function destroy_image_object($file_path) { + if ($this->options['image_library'] && extension_loaded('imagick')) { + return $this->imagick_destroy_image_object($file_path); + } + } + + protected function is_valid_image_file($file_path) { + if (!preg_match($this->options['image_file_types'], $file_path)) { + return false; + } + if (function_exists('exif_imagetype')) { + return @exif_imagetype($file_path); + } + $image_info = $this->get_image_size($file_path); + return 
$image_info && $image_info[0] && $image_info[1];
+ }
+
+ protected function handle_image_file($file_path, $file) {
+ $failed_versions = array();
+ foreach($this->options['image_versions'] as $version => $options) {
+ if ($this->create_scaled_image($file->name, $version, $options)) {
+ if (!empty($version)) {
+ $file->{$version.'Url'} = $this->get_download_url(
+ $file->name,
+ $version
+ );
+ } else {
+ $file->size = $this->get_file_size($file_path, true);
+ }
+ } else {
+ $failed_versions[] = $version ? $version : 'original';
+ }
+ }
+ if (count($failed_versions)) {
+ $file->error = $this->get_error_message('image_resize')
+ .' ('.implode($failed_versions,', ').')';
+ }
+ // Free memory:
+ $this->destroy_image_object($file_path);
+ }
+
+ protected function handle_file_upload($uploaded_file, $name, $size, $type, $error,
+ $index = null, $content_range = null) {
+
+ $file = new \stdClass();
+// $file->name = $this->get_file_name($uploaded_file, $name, $size, $type, $error,
+// $index, $content_range);
+
+ $file->name = $this->trim_file_name($uploaded_path, $name, $size, $type, $error, $index, $content_range);
+ $file->name = $this->fix_file_extension($uploaded_path, $name, $size, $type, $error, $index, $content_range);
+
+
+ $file->size = $this->fix_integer_overflow(intval($size));
+ $file->type = $type;
+ if ($this->validate($uploaded_file, $file, $error, $index)) {
+ $this->handle_form_data($file, $index);
+ $upload_dir = $this->get_upload_path();
+ if (!is_dir($upload_dir)) {
+ mkdir($upload_dir, $this->options['mkdir_mode'], true);
+ }
+ $file_path = $this->get_upload_path($file->name);
+ $append_file = $content_range && is_file($file_path) &&
+ $file->size > $this->get_file_size($file_path);
+ if ($uploaded_file && is_uploaded_file($uploaded_file)) {
+ chmod($uploaded_file, 0644);
+ exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." ".$uploaded_file." 
".escapeshellarg($file_path), $output, $return_var);
+ $error = check_return_code($return_var, $output);
+ if ($return_var != 0) {
+ $file->error = 'Error while saving file ';
+ }
+ }
+ $file_size = $this->get_file_size($file_path, $append_file);
+
+ if ($file_size === $file->size) {
+ $file->url = $this->get_download_url($file->name);
+ // uncomment if images also need to be resized
+ //if ($this->is_valid_image_file($file_path)) {
+ // $this->handle_image_file($file_path, $file);
+ //}
+ } else {
+ //$file->size = $file_size;
+ //if (!$content_range && $this->options['discard_aborted_uploads']) {
+ // unlink($file_path);
+ // $file->error = $this->get_error_message('abort');
+ //}
+ }
+ $this->set_additional_file_properties($file);
+ }
+ return $file;
+ }
+
+ protected function readfile($file_path) {
+ $file_size = $this->get_file_size($file_path);
+ $chunk_size = $this->options['readfile_chunk_size'];
+ if ($chunk_size && $file_size > $chunk_size) {
+ $handle = fopen($file_path, 'rb');
+ while (!feof($handle)) {
+ echo fread($handle, $chunk_size);
+ @ob_flush();
+ @flush();
+ }
+ fclose($handle);
+ return $file_size;
+ }
+ return readfile($file_path);
+ }
+
+ protected function body($str) {
+ echo $str;
+ }
+
+ protected function header($str) {
+ header($str);
+ }
+
+ protected function get_server_var($id) {
+ return isset($_SERVER[$id]) ? $_SERVER[$id] : '';
+ }
+
+ protected function generate_response($content, $print_response = true) {
+ if ($print_response) {
+ $json = json_encode($content);
+ $redirect = isset($_REQUEST['redirect']) ?
+ stripslashes($_REQUEST['redirect']) : null;
+ if ($redirect) {
+ $this->header('Location: '.sprintf($redirect, rawurlencode($json)));
+ return;
+ }
+ $this->head();
+ if ($this->get_server_var('HTTP_CONTENT_RANGE')) {
+ $files = isset($content[$this->options['param_name']]) ? 
+ $content[$this->options['param_name']] : null;
+ if ($files && is_array($files) && is_object($files[0]) && $files[0]->size) {
+ $this->header('Range: 0-'.(
+ $this->fix_integer_overflow(intval($files[0]->size)) - 1
+ ));
+ }
+ }
+ $this->body($json);
+ }
+ return $content;
+ }
+
+ protected function get_version_param() {
+ return isset($_GET['version']) ? basename(stripslashes($_GET['version'])) : null;
+ }
+
+ protected function get_singular_param_name() {
+ return substr($this->options['param_name'], 0, -1);
+ }
+
+ protected function get_file_name_param() {
+ $name = $this->get_singular_param_name();
+ return isset($_REQUEST[$name]) ? basename(stripslashes($_REQUEST[$name])) : null;
+ }
+
+ protected function get_file_names_params() {
+ $params = isset($_REQUEST[$this->options['param_name']]) ?
+ $_REQUEST[$this->options['param_name']] : array();
+ foreach ($params as $key => $value) {
+ $params[$key] = basename(stripslashes($value));
+ }
+ return $params;
+ }
+
+ protected function get_file_type($file_path) {
+ switch (strtolower(pathinfo($file_path, PATHINFO_EXTENSION))) {
+ case 'jpeg':
+ case 'jpg':
+ return 'image/jpeg';
+ case 'png':
+ return 'image/png';
+ case 'gif':
+ return 'image/gif';
+ default:
+ return '';
+ }
+ }
+
+ protected function download() {
+ switch ($this->options['download_via_php']) {
+ case 1:
+ $redirect_header = null;
+ break;
+ case 2:
+ $redirect_header = 'X-Sendfile';
+ break;
+ case 3:
+ $redirect_header = 'X-Accel-Redirect';
+ break;
+ default:
+ return $this->header('HTTP/1.1 403 Forbidden');
+ }
+ $file_name = $this->get_file_name_param();
+ if (!$this->is_valid_file_object($file_name)) {
+ return $this->header('HTTP/1.1 404 Not Found');
+ }
+ if ($redirect_header) {
+ return $this->header(
+ $redirect_header.': '.$this->get_download_url(
+ $file_name,
+ $this->get_version_param(),
+ true
+ )
+ );
+ }
+ $file_path = $this->get_upload_path($file_name, $this->get_version_param());
+ // Prevent browsers from MIME-sniffing the 
content-type:
+ $this->header('X-Content-Type-Options: nosniff');
+ if (!preg_match($this->options['inline_file_types'], $file_name)) {
+ $this->header('Content-Type: application/octet-stream');
+ $this->header('Content-Disposition: attachment; filename="'.$file_name.'"');
+ } else {
+ $this->header('Content-Type: '.$this->get_file_type($file_path));
+ $this->header('Content-Disposition: inline; filename="'.$file_name.'"');
+ }
+ $this->header('Content-Length: '.$this->get_file_size($file_path));
+ $this->header('Last-Modified: '.gmdate('D, d M Y H:i:s T', filemtime($file_path)));
+ $this->readfile($file_path);
+ }
+
+ protected function send_content_type_header() {
+ $this->header('Vary: Accept');
+ if (strpos($this->get_server_var('HTTP_ACCEPT'), 'application/json') !== false) {
+ $this->header('Content-type: application/json');
+ } else {
+ $this->header('Content-type: text/plain');
+ }
+ }
+
+ protected function send_access_control_headers() {
+ $this->header('Access-Control-Allow-Origin: '.$this->options['access_control_allow_origin']);
+ $this->header('Access-Control-Allow-Credentials: '
+ .($this->options['access_control_allow_credentials'] ? 
'true' : 'false'));
+ $this->header('Access-Control-Allow-Methods: '
+ .implode(', ', $this->options['access_control_allow_methods']));
+ $this->header('Access-Control-Allow-Headers: '
+ .implode(', ', $this->options['access_control_allow_headers']));
+ }
+
+ public function head() {
+ $this->header('Pragma: no-cache');
+ $this->header('Cache-Control: no-store, no-cache, must-revalidate');
+ $this->header('Content-Disposition: inline; filename="files.json"');
+ // Prevent Internet Explorer from MIME-sniffing the content-type:
+ $this->header('X-Content-Type-Options: nosniff');
+ if ($this->options['access_control_allow_origin']) {
+ $this->send_access_control_headers();
+ }
+ $this->send_content_type_header();
+ }
+
+ public function get($print_response = true) {
+ if ($print_response && isset($_GET['download'])) {
+ return $this->download();
+ }
+ $file_name = $this->get_file_name_param();
+ if ($file_name) {
+ $response = array(
+ $this->get_singular_param_name() => $this->get_file_object($file_name)
+ );
+ } else {
+ $response = array(
+ $this->options['param_name'] => $this->get_file_objects()
+ );
+ }
+ return $this->generate_response($response, $print_response);
+ }
+
+ public function post($print_response = true) {
+ if (isset($_REQUEST['_method']) && $_REQUEST['_method'] === 'DELETE') {
+ return $this->delete($print_response);
+ }
+ $upload = isset($_FILES[$this->options['param_name']]) ?
+ $_FILES[$this->options['param_name']] : null;
+ // Parse the Content-Disposition header, if available:
+ $file_name = $this->get_server_var('HTTP_CONTENT_DISPOSITION') ?
+ rawurldecode(preg_replace(
+ '/(^[^"]+")|("$)/',
+ '',
+ $this->get_server_var('HTTP_CONTENT_DISPOSITION')
+ )) : null;
+ // Parse the Content-Range header, which has the following form:
+ // Content-Range: bytes 0-524287/2000000
+ $content_range = $this->get_server_var('HTTP_CONTENT_RANGE') ?
+ preg_split('/[^0-9]+/', $this->get_server_var('HTTP_CONTENT_RANGE')) : null;
+ $size = $content_range ? 
$content_range[3] : null;
+ $files = array();
+ if ($upload && is_array($upload['tmp_name'])) {
+ // param_name is an array identifier like "files[]",
+ // $_FILES is a multi-dimensional array:
+ foreach ($upload['tmp_name'] as $index => $value) {
+ $files[] = $this->handle_file_upload(
+ $upload['tmp_name'][$index],
+ $file_name ? $file_name : $upload['name'][$index],
+ $size ? $size : $upload['size'][$index],
+ $upload['type'][$index],
+ $upload['error'][$index],
+ $index,
+ $content_range
+ );
+ }
+ } else {
+ // param_name is a single object identifier like "file",
+ // $_FILES is a one-dimensional array:
+ $files[] = $this->handle_file_upload(
+ isset($upload['tmp_name']) ? $upload['tmp_name'] : null,
+ $file_name ? $file_name : (isset($upload['name']) ?
+ $upload['name'] : null),
+ $size ? $size : (isset($upload['size']) ?
+ $upload['size'] : $this->get_server_var('CONTENT_LENGTH')),
+ isset($upload['type']) ?
+ $upload['type'] : $this->get_server_var('CONTENT_TYPE'),
+ isset($upload['error']) ? $upload['error'] : null,
+ null,
+ $content_range
+ );
+ }
+ return $this->generate_response(
+ array($this->options['param_name'] => $files),
+ $print_response
+ );
+ }
+
+ public function delete($print_response = true) {
+ $file_names = $this->get_file_names_params();
+ if (empty($file_names)) {
+ $file_names = array($this->get_file_name_param());
+ }
+ $response = array();
+ foreach($file_names as $file_name) {
+ $file_path = $this->get_upload_path($file_name);
+ $success = is_file($file_path) && $file_name[0] !== '.' && unlink($file_path);
+ if ($success) {
+ foreach($this->options['image_versions'] as $version => $options) {
+ if (!empty($version)) {
+ $file = $this->get_upload_path($file_name, $version);
+ if (is_file($file)) {
+ unlink($file);
+ }
+ }
+ }
+ }
+ $response[$file_name] = $success;
+ }
+ return $this->generate_response($response, $print_response);
+ }
+
+}
diff --git a/web/api/v1/upload/files/.htaccess b/web/api/v1/upload/files/.htaccess
new file mode 100644
index 000000000..56689f0bb
--- /dev/null
+++ b/web/api/v1/upload/files/.htaccess
@@ -0,0 +1,18 @@
+# The following directives force the content-type application/octet-stream
+# and force browsers to display a download dialog for non-image files.
+# This prevents the execution of script files in the context of the website:
+ForceType application/octet-stream
+Header set Content-Disposition attachment
+
+ ForceType none
+ Header unset Content-Disposition
+
+
+# The following directive prevents browsers from MIME-sniffing the content-type.
+# This is an important complement to the ForceType directive above:
+Header set X-Content-Type-Options nosniff
+
+# Uncomment the following lines to prevent unauthorized download of files:
+#AuthName "Authorization required"
+#AuthType Basic
+#require valid-user
diff --git a/web/api/v1/upload/index.php b/web/api/v1/upload/index.php
new file mode 100644
index 000000000..3ae1295ef
--- /dev/null
+++ b/web/api/v1/upload/index.php
@@ -0,0 +1,15 @@ $stats, + 'prefixI18N' => __('Prefix will be automaticaly added to username',$_SESSION['user']."_") +); + +echo json_encode($result); +unset($stats); \ No newline at end of file
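Review bot: In web/api/v1/upload/files/.htaccess, the `ForceType application/octet-stream` and `Header set` rules protect files requested directly from this directory only when the server is Apache with mod_headers loaded and `AllowOverride` permitting FileInfo here, and nothing in the file states that requirement. The diff does not show which web server fronts web/api, so this should be confirmed; where per-directory overrides are not honoured the file has no effect and the directory falls back to the server's default handling. I would record the dependency at the top of the file, e.g. `# Requires Apache with mod_headers and AllowOverride FileInfo; mirror these rules in the server config otherwise.` The Basic-auth lines at the end stay commented out, so access to this directory relies on whatever control sits in front of it.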