Add option "set_folder_permissions_on_update" in server config to configure if...

Add option "set_folder_permissions_on_update" in server config to configure if folder permissions should be forced on web update.

install/tpl/server.ini.master

@@ -68,6 +68,7 @@ php_fpm_ini_path=/etc/php5/fpm/php.ini
 php_fpm_pool_dir=/etc/php5/fpm/pool.d
 php_fpm_start_port=9010
 php_fpm_socket_dir=/var/lib/php5-fpm
+set_folder_permissions_on_update=y
 
 [dns]
 bind_user=root

interface/web/admin/form/server_config.tform.php

@@ -432,6 +432,12 @@ $form["tabs"]['web'] = array(
 			'default' => '20',
 			'value' => array('10' => 'Medium', '20' => 'High')
 		),
+		'set_folder_permissions_on_update' => array(
+			'datatype' => 'VARCHAR',
+			'formtype' => 'CHECKBOX',
+			'default' => 'y',
+			'value' => array(0 => 'n', 1 => 'y')
+		),
 		'check_apache_config' => array(
 			'datatype' => 'VARCHAR',
 			'formtype' => 'CHECKBOX',

interface/web/admin/lib/lang/en_server_config.lng

@@ -149,5 +149,6 @@ $wb["do_not_try_rescue_mysql_txt"] = 'Disable MySQL monitoring';
 $wb["do_not_try_rescue_mail_txt"] = 'Disable Email monitoring';
 $wb["rescue_description_txt"] = '<b>Information:</b> If you want to shut down mysql you have to select the "Disable MySQL monitor" checkbox and then wait 2-3 minutes.<br>If you do not wait 2-3 minutes, rescue will try to restart mysql!';
 $wb["enable_sni_txt"] = 'Enable SNI';
+$wb["set_folder_permissions_on_update_txt"] = 'Set folder permissions on update';
 
 ?>
\ No newline at end of file

interface/web/admin/templates/server_config_web_edit.htm

@@ -69,6 +69,12 @@
 						{tmpl_var name='check_apache_config'}
 					</div>
 			</div>
+	  <div class="ctrlHolder apache">
+				<p class="label">{tmpl_var name='set_folder_permissions_on_update_txt'}</p>
+					<div class="multiField">
+						{tmpl_var name='set_folder_permissions_on_update'}
+					</div>
+			</div>
 	  <div class="ctrlHolder">
 				<p class="label">{tmpl_var name='enable_sni_txt'}</p>
 					<div class="multiField">

server/plugins-available/apache2_plugin.inc.php

@@ -553,7 +553,7 @@ class apache2_plugin {
 
 
 		//* If the security level is set to high
-		if($this->action == 'insert' && $data['new']['type'] == 'vhost') {
+		if(($this->action == 'insert' && $data['new']['type'] == 'vhost') or ($web_config['set_folder_permissions_on_update'] == 'y' && $data['new']['type'] == 'vhost')) {
 			if($web_config['security_level'] == 20) {
 
 				$this->_exec('chmod 751 '.escapeshellcmd($data['new']['document_root']));
@@ -585,8 +585,13 @@ class apache2_plugin {
 
 				//* add the Apache user to the client group
 				$app->system->add_user_to_group($groupname, escapeshellcmd($web_config['user']));
-
-				$this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root']));
+				
+				//* Chown all default directories
+				$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/cgi-bin'));
+				$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/log'));
+				$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/ssl'));
+				$this->_exec('chown '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/tmp'));
+				$this->_exec('chown -R '.$username.':'.$groupname.' '.escapeshellcmd($data['new']['document_root'].'/web'));
 
 				/*
 				* Workaround for jailkit: If jailkit is enabled for the site, the