diff --git a/install/dist/lib/fedora.lib.php b/install/dist/lib/fedora.lib.php
index f1c8d672042ac415e92b295dfac6a988bcc81a9d..b3dab6b8a605a5a35650284de9f04ab764893f99 100644
--- a/install/dist/lib/fedora.lib.php
+++ b/install/dist/lib/fedora.lib.php
@@ -1076,6 +1076,8 @@ class installer_dist extends installer_base {
 		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
 		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+		$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
+		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 
 		//* Make the global language file directory group writable
 		exec("chmod -R 770 $install_dir/interface/lib/lang");
diff --git a/install/dist/lib/gentoo.lib.php b/install/dist/lib/gentoo.lib.php
index b3cfc207194f18f4dbddc039942fb06ddeb411af..71c29167b7cfa9acd796080408f3e00abf40565e 100644
--- a/install/dist/lib/gentoo.lib.php
+++ b/install/dist/lib/gentoo.lib.php
@@ -996,7 +996,9 @@ class installer extends installer_base
 		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
 		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
-
+		$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
+		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+		
 		//* Make the global language file directory group writable
 		exec("chmod -R 770 $install_dir/interface/lib/lang");
 
diff --git a/install/dist/lib/opensuse.lib.php b/install/dist/lib/opensuse.lib.php
index f991c77d2be66295c1a3756c543e174114f39f5c..72379321e7f675b29ceda3d3a230c07661864ca9 100644
--- a/install/dist/lib/opensuse.lib.php
+++ b/install/dist/lib/opensuse.lib.php
@@ -1094,7 +1094,9 @@ class installer_dist extends installer_base {
 		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
 		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
-
+		$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
+		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+		
 		//* Make the global language file directory group writable
 		exec("chmod -R 770 $install_dir/interface/lib/lang");
 
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index eb078a1e6efb4ce079f6836128209f25fab9f860..6db51c35227e2e0e083b7231ad193d5babeb9838 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -2389,7 +2389,9 @@ class installer_base {
 		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
 		$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
 		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
-
+		$command = 'chown root:ispconfig '.$install_dir.'/security/nginx_directives.blacklist';
+		caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+		
 		//* Make the global language file directory group writable
 		exec("chmod -R 770 $install_dir/interface/lib/lang");
 
diff --git a/interface/lib/classes/validate_domain.inc.php b/interface/lib/classes/validate_domain.inc.php
index b572467fe08fbdeeb434a3b9ae81241f932f0991..415015b8ceb8d5c17189d7cf4836fbc10e34b8ae 100644
--- a/interface/lib/classes/validate_domain.inc.php
+++ b/interface/lib/classes/validate_domain.inc.php
@@ -141,6 +141,44 @@ class validate_domain {
 		}
 	}
 	
+	/* Check nginx directives */
+	function web_nginx_directives($field_name, $field_value, $validator) {
+		global $app;
+		
+		if(trim($field_value) != '') {
+			$security_config = $app->getconf->get_security_config('ids');
+		
+			if($security_config['nginx_directives_scan_enabled'] == 'yes') {
+				
+				// Get blacklist
+				$blacklist_path = '/usr/local/ispconfig/security/nginx_directives.blacklist';
+				if(is_file('/usr/local/ispconfig/security/nginx_directives.blacklist.custom')) $blacklist_path = '/usr/local/ispconfig/security/nginx_directives.blacklist.custom';
+				if(!is_file($blacklist_path)) $blacklist_path = realpath(ISPC_ROOT_PATH.'/../security/nginx_directives.blacklist');
+				
+				$directives = explode("\n",$field_value);
+				$regex = explode("\n",file_get_contents($blacklist_path));
+				$blocked = false;
+				$blocked_line = '';
+				
+				if(is_array($directives) && is_array($regex)) {
+					foreach($directives as $directive) {
+						$directive = trim($directive);
+						foreach($regex as $r) {
+							if(preg_match(trim($r),$directive)) {
+								$blocked = true;
+								$blocked_line .= $directive.'<br />';
+							};
+						}
+					}
+				}
+			}
+		}
+		
+		if($blocked === true) {
+			return $this->get_error('nginx_directive_blocked_error').' '.$blocked_line;
+		}
+	}
+	
 
 	/* internal validator function to match regexp */
 	function _regex_validate($domain_name, $allow_wildcard = false) {
diff --git a/interface/web/sites/form/web_vhost_domain.tform.php b/interface/web/sites/form/web_vhost_domain.tform.php
index 071efbb9a9b18d224d243ee8be78222393a07cf8..98b006eacfa74aedd5ab328fc287a98954dbbdfe 100644
--- a/interface/web/sites/form/web_vhost_domain.tform.php
+++ b/interface/web/sites/form/web_vhost_domain.tform.php
@@ -881,6 +881,13 @@ if($_SESSION["s"]["user"]["typ"] == 'admin'
 			'nginx_directives' => array (
 				'datatype' => 'TEXT',
 				'formtype' => 'TEXT',
+				'validators' => array (  0 => array(
+							'type' => 'CUSTOM',
+							'class' => 'validate_domain',
+							'function' => 'web_nginx_directives',
+							'errmsg' => 'nginx_directive_blocked_error'
+						),
+				),
 				'default' => '',
 				'value'  => '',
 				'width'  => '30',
diff --git a/interface/web/sites/lib/lang/ar_web_domain.lng b/interface/web/sites/lib/lang/ar_web_domain.lng
index 0b8161e0978acbeab26a2885512e99aa272ca9ec..1ab9c55d3d9f88099cdfb79a0166d46d39189308 100644
--- a/interface/web/sites/lib/lang/ar_web_domain.lng
+++ b/interface/web/sites/lib/lang/ar_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/bg_web_domain.lng b/interface/web/sites/lib/lang/bg_web_domain.lng
index cce48221437625978cc7f2884060f57b7f626df8..901c34a6ec85fd026c53c08f3e79b88d2c11d37b 100644
--- a/interface/web/sites/lib/lang/bg_web_domain.lng
+++ b/interface/web/sites/lib/lang/bg_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/br_web_domain.lng b/interface/web/sites/lib/lang/br_web_domain.lng
index 33ea9f35658286ec6c19ef59f791baacb269f8e2..a199f3273c55e469ada72518455318cda6a7033a 100644
--- a/interface/web/sites/lib/lang/br_web_domain.lng
+++ b/interface/web/sites/lib/lang/br_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'Porta HTTP';
 $wb['https_port_txt'] = 'Porta HTTPS';
 $wb['http_port_error_regex'] = 'Porta HTTP invÃ¡lida.';
 $wb['https_port_error_regex'] = 'Porta HTTPS invÃ¡lida.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/ca_web_domain.lng b/interface/web/sites/lib/lang/ca_web_domain.lng
index fc680dfd1a56e8b525e864595dac746a8ab3ab4a..a3475c43c2d58dd7b3e2232032926af144882c71 100644
--- a/interface/web/sites/lib/lang/ca_web_domain.lng
+++ b/interface/web/sites/lib/lang/ca_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/cz_web_domain.lng b/interface/web/sites/lib/lang/cz_web_domain.lng
index 585c2c94ffc3d29764960e6f1468a1bd0e53ae6a..0998cb1264a385b11957d85915ae7ea184bbc154 100644
--- a/interface/web/sites/lib/lang/cz_web_domain.lng
+++ b/interface/web/sites/lib/lang/cz_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/de_web_domain.lng b/interface/web/sites/lib/lang/de_web_domain.lng
index 75a4f146695d49aa69b729de85343c6aa0b346c5..7232d8fa5f79141cb420ec53768617c132a60f55 100644
--- a/interface/web/sites/lib/lang/de_web_domain.lng
+++ b/interface/web/sites/lib/lang/de_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/dk_web_domain.lng b/interface/web/sites/lib/lang/dk_web_domain.lng
index 6124ee0676f2bc12f401a4cac7c9ec557b9efcc3..7b6183554314151740697ca33197f37a6bcfca78 100644
--- a/interface/web/sites/lib/lang/dk_web_domain.lng
+++ b/interface/web/sites/lib/lang/dk_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/el_web_domain.lng b/interface/web/sites/lib/lang/el_web_domain.lng
index 1ae8ca208b59fb3eb6a79ad3bfe6057b3daed812..1787aa0e33fbeedff7b8d897bcf2a683501143d3 100644
--- a/interface/web/sites/lib/lang/el_web_domain.lng
+++ b/interface/web/sites/lib/lang/el_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/en_web_domain.lng b/interface/web/sites/lib/lang/en_web_domain.lng
index 940053bc703d37fec36dfd06a3fd70fc14f54e54..28c7c3e4e1b52483e56b8c63149179a1040b192c 100644
--- a/interface/web/sites/lib/lang/en_web_domain.lng
+++ b/interface/web/sites/lib/lang/en_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
\ No newline at end of file
diff --git a/interface/web/sites/lib/lang/es_web_domain.lng b/interface/web/sites/lib/lang/es_web_domain.lng
index 8ba5d93c177a9a2b8dc70c54c87deca547a28167..889d29bd9536cbffa55b01f413bf48b6577692cd 100644
--- a/interface/web/sites/lib/lang/es_web_domain.lng
+++ b/interface/web/sites/lib/lang/es_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/fi_web_domain.lng b/interface/web/sites/lib/lang/fi_web_domain.lng
index 5d78fa7961e6facd13e2aeb05a00aadeb012504f..1cc2a2024d93b2d268622cf6a7f9bb25e30ce75c 100644
--- a/interface/web/sites/lib/lang/fi_web_domain.lng
+++ b/interface/web/sites/lib/lang/fi_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/fr_web_domain.lng b/interface/web/sites/lib/lang/fr_web_domain.lng
index 5cbce08e607d581a0afbe3a84c15c845ece40e31..421693a0e64cb0cbdcb92578911115fd12704e5b 100644
--- a/interface/web/sites/lib/lang/fr_web_domain.lng
+++ b/interface/web/sites/lib/lang/fr_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/hr_web_domain.lng b/interface/web/sites/lib/lang/hr_web_domain.lng
index b6f589ead0b59505a97024aed46b6de92a8334ab..8a089e6ba5f365147feb61e20d0de0de4e9ed9cf 100644
--- a/interface/web/sites/lib/lang/hr_web_domain.lng
+++ b/interface/web/sites/lib/lang/hr_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/hu_web_domain.lng b/interface/web/sites/lib/lang/hu_web_domain.lng
index b2404565386f25e73c31c37bffe775e72611b387..5ddf06593ded5ab4740f467055c1c63e46d53176 100644
--- a/interface/web/sites/lib/lang/hu_web_domain.lng
+++ b/interface/web/sites/lib/lang/hu_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/id_web_domain.lng b/interface/web/sites/lib/lang/id_web_domain.lng
index a96b4cc2ce2044f6540855e7d46351e04d3ee6a7..785d7fc0daa9655cc0d4cbebf704ca89a95223b8 100644
--- a/interface/web/sites/lib/lang/id_web_domain.lng
+++ b/interface/web/sites/lib/lang/id_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/it_web_domain.lng b/interface/web/sites/lib/lang/it_web_domain.lng
index 0f46e2a3ef82698182a7d48ebc77e5ac16182e59..68eae554fc16b20070359dd0f29e051d334ae9bf 100644
--- a/interface/web/sites/lib/lang/it_web_domain.lng
+++ b/interface/web/sites/lib/lang/it_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/ja_web_domain.lng b/interface/web/sites/lib/lang/ja_web_domain.lng
index 95e1f7de527634541ef7ec13e714e07a7e5b7f05..2dbf65d2e5a162fb94e1bcc6726bc916f778f197 100644
--- a/interface/web/sites/lib/lang/ja_web_domain.lng
+++ b/interface/web/sites/lib/lang/ja_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/nl_web_domain.lng b/interface/web/sites/lib/lang/nl_web_domain.lng
index 60a06c266a4cbbf04b98e8b54c4278ae8e5cb378..8b4f6ff8552ece4e37d36dde2b596babf9ff0e5a 100644
--- a/interface/web/sites/lib/lang/nl_web_domain.lng
+++ b/interface/web/sites/lib/lang/nl_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/pl_web_domain.lng b/interface/web/sites/lib/lang/pl_web_domain.lng
index 8afd4b50c74bc0f39be5407cf6de8007f1edc495..2521f174069e5ee125e76df6eb7a2e44c5302e37 100644
--- a/interface/web/sites/lib/lang/pl_web_domain.lng
+++ b/interface/web/sites/lib/lang/pl_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/pt_web_domain.lng b/interface/web/sites/lib/lang/pt_web_domain.lng
index 475544e16ddb264c00fa344a3db213614350e5ea..fc7add5d896a6299f65ef0c96fa60a3cec2310a1 100644
--- a/interface/web/sites/lib/lang/pt_web_domain.lng
+++ b/interface/web/sites/lib/lang/pt_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/ro_web_domain.lng b/interface/web/sites/lib/lang/ro_web_domain.lng
index 185155ad816c2b41545256330291db646b70d045..7e98b45d02221301f5257938c6dcbf9336d075cd 100644
--- a/interface/web/sites/lib/lang/ro_web_domain.lng
+++ b/interface/web/sites/lib/lang/ro_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/ru_web_domain.lng b/interface/web/sites/lib/lang/ru_web_domain.lng
index a4be337fb41bd44f4528abc1a87cbf18792972b1..6cba45f1b7e065079da9d7bf900c41c09c9900c9 100644
--- a/interface/web/sites/lib/lang/ru_web_domain.lng
+++ b/interface/web/sites/lib/lang/ru_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'ÐŸÐ¾Ñ€Ñ‚ HTTP';
 $wb['https_port_txt'] = 'ÐŸÐ¾Ñ€Ñ‚ HTTPS';
 $wb['http_port_error_regex'] = 'ÐÐµÐºÐ¾Ñ€Ñ€ÐµÐºÑ‚Ð½Ñ‹Ð¹ Ð¿Ð¾Ñ€Ñ‚ HTTP.';
 $wb['https_port_error_regex'] = 'ÐÐµÐºÐ¾Ñ€Ñ€ÐµÐºÑ‚Ð½Ñ‹Ð¹ Ð¿Ð¾Ñ€Ñ‚ HTTPS.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/se_web_domain.lng b/interface/web/sites/lib/lang/se_web_domain.lng
index b4f58b827e65b9d81e49837f05b79e262f51b6d7..91fa8c4db56627639c7a3519cad7bea8913bf62a 100644
--- a/interface/web/sites/lib/lang/se_web_domain.lng
+++ b/interface/web/sites/lib/lang/se_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/sk_web_domain.lng b/interface/web/sites/lib/lang/sk_web_domain.lng
index 8e39ca8afa24b98212beaf0e5478c20de4b29055..f8f2f79b965f20526db9faf7d8e551d0892b6cf2 100644
--- a/interface/web/sites/lib/lang/sk_web_domain.lng
+++ b/interface/web/sites/lib/lang/sk_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/interface/web/sites/lib/lang/tr_web_domain.lng b/interface/web/sites/lib/lang/tr_web_domain.lng
index da3625df37340c411ad9c75a5b8680960f8b7192..c97ce73778810e403fdbdc1e1e1d0f8d570eb1a9 100644
--- a/interface/web/sites/lib/lang/tr_web_domain.lng
+++ b/interface/web/sites/lib/lang/tr_web_domain.lng
@@ -133,4 +133,5 @@ $wb['http_port_txt'] = 'HTTP Port';
 $wb['https_port_txt'] = 'HTTPS Port';
 $wb['http_port_error_regex'] = 'HTTP Port invalid.';
 $wb['https_port_error_regex'] = 'HTTPS Port invalid.';
+$wb['nginx_directive_blocked_error'] = 'Nginx directive blocked by security settings:';
 ?>
diff --git a/security/apache_directives.blacklist b/security/apache_directives.blacklist
index edb4b503d387c0ced2be822740ef110e3a5977b5..6dd376d643cac4d52f2885b9da68d043b08821f2 100644
--- a/security/apache_directives.blacklist
+++ b/security/apache_directives.blacklist
@@ -1,3 +1,3 @@
-/^\s*(LoadModule|LoadFile|Include)(\s+|[\\\\])/mi
+/^\s*(LoadModule|LoadFile|Include|IncludeOptional)(\s+|[\\\\])/mi
 /^\s*(SuexecUserGroup|suPHP_UserGroup|suPHP_PHPPath|suPHP_ConfigPath)(\s+|[\\\\])/mi
 /^\s*(FCGIWrapper|FastCgiExternalServer)(\s+|[\\\\])/mi
\ No newline at end of file
diff --git a/security/nginx_directives.blacklist b/security/nginx_directives.blacklist
new file mode 100644
index 0000000000000000000000000000000000000000..2f7122a14856d8bbdac6fad782b84557f851a5c4
--- /dev/null
+++ b/security/nginx_directives.blacklist
@@ -0,0 +1 @@
+/^\s*(load_module)(\s+|[\\\\])/mi
\ No newline at end of file
diff --git a/security/security_settings.ini b/security/security_settings.ini
index 5cc381e3cde02bd8da1c69e14af5d9cad9a7c8b2..eb78e24d53d5ef1cce7d3d4176843bfcfafc66fd 100644
--- a/security/security_settings.ini
+++ b/security/security_settings.ini
@@ -26,6 +26,7 @@ ids_block_level=100
 sql_scan_enabled=yes
 sql_scan_action=warn
 apache_directives_scan_enabled=yes
+nginx_directives_scan_enabled=yes
 
 [systemcheck]
 security_admin_email=root@localhost