diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql
index bf5e8dbaff796d991acb9bca39834c1a97c45678..e8162b8e839cf1c6eae8ceac07a73b26f1252f28 100644
--- a/install/sql/ispconfig3.sql
+++ b/install/sql/ispconfig3.sql
@@ -1557,6 +1557,7 @@ CREATE TABLE IF NOT EXISTS `web_folder_user` (
   `sys_perm_user` varchar(5) DEFAULT NULL,
   `sys_perm_group` varchar(5) DEFAULT NULL,
   `sys_perm_other` varchar(5) DEFAULT NULL,
+  `server_id` int(11) NOT NULL DEFAULT '0',
   `web_folder_id` int(11) NOT NULL DEFAULT '0',
   `username` varchar(255) DEFAULT NULL,
   `password` varchar(255) DEFAULT NULL,
diff --git a/interface/web/admin/templates/server_config_ufw_edit.htm b/interface/web/admin/templates/server_config_ufw_edit.htm
new file mode 100644
index 0000000000000000000000000000000000000000..2cb8c52bbec069eb40fc0c844e25b05f49756cac
--- /dev/null
+++ b/interface/web/admin/templates/server_config_ufw_edit.htm
@@ -0,0 +1,66 @@
+<h2><tmpl_var name="list_head_txt"></h2>
+<p><tmpl_var name="list_desc_txt"></p>
+
+<div class="panel panel_server_config">
+
+  <div class="pnl_formsarea">
+    <fieldset class="inlineLabels"><legend>UFW Firewall</legend>
+      <div class="ctrlHolder">
+				<p class="label">{tmpl_var name='ufw_enable_txt'}</p>
+					<div class="multiField">
+						{tmpl_var name='ufw_enable'}
+					</div>
+			</div>
+      <div class="ctrlHolder">
+				<p class="label">{tmpl_var name='ufw_manage_builtins_txt'}</p>
+					<div class="multiField">
+						{tmpl_var name='ufw_manage_builtins'}
+					</div>
+			</div>
+      <div class="ctrlHolder">
+				<p class="label">{tmpl_var name='ufw_ipv6_txt'}</p>
+					<div class="multiField">
+						{tmpl_var name='ufw_ipv6'}
+					</div>
+			</div>
+      <div class="ctrlHolder">
+      	<label for="ufw_default_input_policy">{tmpl_var name='ufw_default_input_policy_txt'}</label>
+        <select name="ufw_default_input_policy" id="ufw_default_input_policy" class="selectInput">
+					{tmpl_var name='ufw_default_input_policy'}
+				</select>
+      </div>
+      <div class="ctrlHolder">
+      	<label for="ufw_default_output_policy">{tmpl_var name='ufw_default_output_policy_txt'}</label>
+        <select name="ufw_default_output_policy" id="ufw_default_output_policy" class="selectInput">
+					{tmpl_var name='ufw_default_output_policy'}
+				</select>
+      </div>
+      <div class="ctrlHolder">
+      	<label for="ufw_default_forward_policy">{tmpl_var name='ufw_default_forward_policy_txt'}</label>
+        <select name="ufw_default_forward_policy" id="ufw_default_forward_policy" class="selectInput">
+					{tmpl_var name='ufw_default_forward_policy'}
+				</select>
+      </div>
+      <div class="ctrlHolder">
+      	<label for="ufw_default_application_policy">{tmpl_var name='ufw_default_application_policy_txt'}</label>
+        <select name="ufw_default_application_policy" id="ufw_default_application_policy" class="selectInput">
+					{tmpl_var name='ufw_default_application_policy'}
+				</select>
+      </div>
+      <div class="ctrlHolder">
+      	<label for="ufw_log_level">{tmpl_var name='ufw_log_level_txt'}</label>
+        <select name="ufw_log_level" id="ufw_log_level" class="selectInput">
+					{tmpl_var name='ufw_log_level'}
+				</select>
+      </div>
+    </fieldset>
+
+    <input type="hidden" name="id" value="{tmpl_var name='id'}">
+
+    <div class="buttonHolder buttons">
+      <button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','admin/server_config_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
+      <button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('admin/server_config_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
+    </div>
+  </div>
+  
+</div>
diff --git a/interface/web/client/client_del.php b/interface/web/client/client_del.php
index 3ff3c8027b4469295c868a83008f216511ff7ccb..29abe6f4189ab1e33eac6d7bbb4f3013637b9014 100644
--- a/interface/web/client/client_del.php
+++ b/interface/web/client/client_del.php
@@ -131,7 +131,7 @@ class page_action extends tform_actions {
 			$app->db->query("DELETE FROM sys_user WHERE client_id = $client_id");
 			
 			// Delete all records (sub-clients, mail, web, etc....)  of this client.
-			$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic';
+			$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_domain,web_traffic,web_folder,web_folder_user';
 			$tables_array = explode(',',$tables);
 			$client_group_id = intval($client_group['groupid']);
 			if($client_group_id > 1) {
diff --git a/interface/web/sites/form/web_folder.tform.php b/interface/web/sites/form/web_folder.tform.php
new file mode 100644
index 0000000000000000000000000000000000000000..8e5de211dd0fcb5aa330dbf045e5d9a6cf4d58e8
--- /dev/null
+++ b/interface/web/sites/form/web_folder.tform.php
@@ -0,0 +1,110 @@
+<?php
+
+/*
+	Form Definition
+
+	Tabledefinition
+
+	Datatypes:
+	- INTEGER (Forces the input to Int)
+	- DOUBLE
+	- CURRENCY (Formats the values to currency notation)
+	- VARCHAR (no format check, maxlength: 255)
+	- TEXT (no format check)
+	- DATE (Dateformat, automatic conversion to timestamps)
+
+	Formtype:
+	- TEXT (Textfield)
+	- TEXTAREA (Textarea)
+	- PASSWORD (Password textfield, input is not shown when edited)
+	- SELECT (Select option field)
+	- RADIO
+	- CHECKBOX
+	- CHECKBOXARRAY
+	- FILE
+
+	VALUE:
+	- Wert oder Array
+
+	Hint:
+	The ID field of the database table is not part of the datafield definition.
+	The ID field must be always auto incement (int or bigint).
+
+
+*/
+
+$form["title"] 			= "Web Folder";
+$form["description"] 	= "";
+$form["name"] 			= "web_folder";
+$form["action"]			= "web_folder_edit.php";
+$form["db_table"]		= "web_folder";
+$form["db_table_idx"]	= "web_folder_id";
+$form["db_history"]		= "yes";
+$form["tab_default"]	= "folder";
+$form["list_default"]	= "web_folder_list.php";
+$form["auth"]			= 'yes'; // yes / no
+
+$form["auth_preset"]["userid"]  = 0; // 0 = id of the user, > 0 id must match with id of current user
+$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
+$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
+$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
+$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete
+
+$form["tabs"]['folder'] = array (
+	'title' 	=> "Folder",
+	'width' 	=> 100,
+	'template' 	=> "templates/web_folder_edit.htm",
+	'fields' 	=> array (
+	##################################
+	# Begin Datatable fields
+	##################################
+		'server_id' => array (
+			'datatype'	=> 'INTEGER',
+			'formtype'	=> 'SELECT',
+			'default'	=> '',
+			'datasource'	=> array ( 	'type'	=> 'SQL',
+										'querystring' => 'SELECT server_id,server_name FROM server WHERE mirror_server_id = 0 AND {AUTHSQL} ORDER BY server_name',
+										'keyfield'=> 'server_id',
+										'valuefield'=> 'server_name'
+									 ),
+			'value'		=> ''
+		),
+		'parent_domain_id' => array (
+			'datatype'	=> 'INTEGER',
+			'formtype'	=> 'SELECT',
+			'default'	=> '',
+			'datasource'	=> array ( 	'type'	=> 'SQL',
+										'querystring' => "SELECT domain_id,domain FROM web_domain WHERE type = 'vhost' AND {AUTHSQL} ORDER BY domain",
+										'keyfield'=> 'domain_id',
+										'valuefield'=> 'domain'
+									 ),
+			'value'		=> ''
+		),
+		'path' => array (
+			'datatype'	=> 'VARCHAR',
+			'formtype'	=> 'TEXT',
+			'validators'	=> array ( 	0 => array (	'type'	=> 'REGEX',
+														'regex' => '/^[\w\.\-\_\/]{0,255}$/',
+														'errmsg'=> 'path_error_regex'),
+									),
+			'default'	=> '/',
+			'value'		=> '',
+			'width'		=> '30',
+			'maxlength'	=> '255'
+		),
+		'active' => array (
+			'datatype'	=> 'VARCHAR',
+			'formtype'	=> 'CHECKBOX',
+			'default'	=> 'y',
+			'value'		=> array(0 => 'n',1 => 'y')
+		),
+	##################################
+	# ENDE Datatable fields
+	##################################
+	)
+);
+
+
+
+
+?>
\ No newline at end of file
diff --git a/interface/web/sites/form/web_folder_user.tform.php b/interface/web/sites/form/web_folder_user.tform.php
new file mode 100644
index 0000000000000000000000000000000000000000..de22b3d4616648823bdfbf9771be78b7268e3d95
--- /dev/null
+++ b/interface/web/sites/form/web_folder_user.tform.php
@@ -0,0 +1,122 @@
+<?php
+
+/*
+	Form Definition
+
+	Tabledefinition
+
+	Datatypes:
+	- INTEGER (Forces the input to Int)
+	- DOUBLE
+	- CURRENCY (Formats the values to currency notation)
+	- VARCHAR (no format check, maxlength: 255)
+	- TEXT (no format check)
+	- DATE (Dateformat, automatic conversion to timestamps)
+
+	Formtype:
+	- TEXT (Textfield)
+	- TEXTAREA (Textarea)
+	- PASSWORD (Password textfield, input is not shown when edited)
+	- SELECT (Select option field)
+	- RADIO
+	- CHECKBOX
+	- CHECKBOXARRAY
+	- FILE
+
+	VALUE:
+	- Wert oder Array
+
+	Hint:
+	The ID field of the database table is not part of the datafield definition.
+	The ID field must be always auto incement (int or bigint).
+
+
+*/
+
+$form["title"] 			= "Web folder user";
+$form["description"] 	= "";
+$form["name"] 			= "web_folder_user";
+$form["action"]			= "web_folder_user_edit.php";
+$form["db_table"]		= "web_folder_user";
+$form["db_table_idx"]	= "web_folder_user_id";
+$form["db_history"]		= "yes";
+$form["tab_default"]	= "user";
+$form["list_default"]	= "web_folder_user_list.php";
+$form["auth"]			= 'yes'; // yes / no
+
+$form["auth_preset"]["userid"]  = 0; // 0 = id of the user, > 0 id must match with id of current user
+$form["auth_preset"]["groupid"] = 0; // 0 = default groupid of the user, > 0 id must match with groupid of current user
+$form["auth_preset"]["perm_user"] = 'riud'; //r = read, i = insert, u = update, d = delete
+$form["auth_preset"]["perm_group"] = 'riud'; //r = read, i = insert, u = update, d = delete
+$form["auth_preset"]["perm_other"] = ''; //r = read, i = insert, u = update, d = delete
+
+$form["tabs"]['user'] = array (
+	'title' 	=> "Folder",
+	'width' 	=> 100,
+	'template' 	=> "templates/web_folder_user_edit.htm",
+	'fields' 	=> array (
+	##################################
+	# Begin Datatable fields
+	##################################
+		'server_id' => array (
+			'datatype'	=> 'INTEGER',
+			'formtype'	=> 'SELECT',
+			'default'	=> '',
+			'datasource'	=> array ( 	'type'	=> 'SQL',
+										'querystring' => 'SELECT server_id,server_name FROM server WHERE mirror_server_id = 0 AND {AUTHSQL} ORDER BY server_name',
+										'keyfield'=> 'server_id',
+										'valuefield'=> 'server_name'
+									 ),
+			'value'		=> ''
+		),
+		'web_folder_id' => array (
+			'datatype'	=> 'INTEGER',
+			'formtype'	=> 'SELECT',
+			'default'	=> '',
+			'datasource'	=> array ( 	'type'	=> 'SQL',
+										'querystring' => "Select concat(web_domain.domain,' ',web_folder.path) as name, web_folder.web_folder_id from web_domain, web_folder WHERE web_domain.domain_id = web_folder.parent_domain_id AND {AUTHSQL} ORDER BY web_domain.domain",
+										'keyfield'=> 'web_folder_id',
+										'valuefield'=> 'name'
+									 ),
+			'validators'	=> array ( 	0 => array (	'type'	=> 'NOTEMPTY',
+														'errmsg'=> 'folder_error_empty'),
+									),
+			'value'		=> ''
+		),
+		'username' => array (
+			'datatype'	=> 'VARCHAR',
+			'formtype'	=> 'TEXT',
+			'validators'	=> array ( 	0 => array (	'type'	=> 'REGEX',
+														'regex' => '/^[\w\.\-]{0,64}$/',
+														'errmsg'=> 'username_error_regex'),
+									),
+			'default'	=> '',
+			'value'		=> '',
+			'width'		=> '30',
+			'maxlength'	=> '255'
+		),
+		'password' => array (
+			'datatype'	=> 'VARCHAR',
+			'formtype'	=> 'PASSWORD',
+			'encryption' => 'CRYPT',
+			'default'	=> '',
+			'value'		=> '',
+			'width'		=> '30',
+			'maxlength'	=> '255'
+		),
+		'active' => array (
+			'datatype'	=> 'VARCHAR',
+			'formtype'	=> 'CHECKBOX',
+			'default'	=> 'y',
+			'value'		=> array(0 => 'n',1 => 'y')
+		),
+	##################################
+	# ENDE Datatable fields
+	##################################
+	)
+);
+
+
+
+
+?>
\ No newline at end of file
diff --git a/interface/web/sites/lib/lang/en_web_folder.lng b/interface/web/sites/lib/lang/en_web_folder.lng
new file mode 100644
index 0000000000000000000000000000000000000000..5e8ede00cff5f0428b418b01f05a472951db647e
--- /dev/null
+++ b/interface/web/sites/lib/lang/en_web_folder.lng
@@ -0,0 +1,7 @@
+<?php
+$wb["server_id_txt"] = 'Server';
+$wb["parent_domain_id_txt"] = 'Website';
+$wb["path_txt"] = 'Path';
+$wb["active_txt"] = 'Active';
+$wb["path_error_regex"] = 'Invalid folder path.';
+?>
\ No newline at end of file
diff --git a/interface/web/sites/lib/lang/en_web_folder_list.lng b/interface/web/sites/lib/lang/en_web_folder_list.lng
new file mode 100644
index 0000000000000000000000000000000000000000..32780abda59b4cb9c2de07805324109ddbb01267
--- /dev/null
+++ b/interface/web/sites/lib/lang/en_web_folder_list.lng
@@ -0,0 +1,7 @@
+<?php
+$wb["list_head_txt"] = 'Folder';
+$wb["active_txt"] = 'Active';
+$wb["server_id_txt"] = 'Server';
+$wb["parent_domain_id_txt"] = 'Website';
+$wb["path_txt"] = 'Path';
+?>
\ No newline at end of file
diff --git a/interface/web/sites/lib/lang/en_web_folder_user.lng b/interface/web/sites/lib/lang/en_web_folder_user.lng
new file mode 100644
index 0000000000000000000000000000000000000000..3b553e94c6ed8cb4a0600c8d1a5e57c7e575e496
--- /dev/null
+++ b/interface/web/sites/lib/lang/en_web_folder_user.lng
@@ -0,0 +1,7 @@
+<?php
+$wb["web_folder_id_txt"] = 'Folder';
+$wb["username_txt"] = 'Username';
+$wb["password_txt"] = 'Password';
+$wb["active_txt"] = 'Active';
+$wb["folder_error_empty"] = 'No web folder selecetd.';
+?>
\ No newline at end of file
diff --git a/interface/web/sites/lib/lang/en_web_folder_user_list.lng b/interface/web/sites/lib/lang/en_web_folder_user_list.lng
new file mode 100644
index 0000000000000000000000000000000000000000..d0d9e05d1e56a44ba195f8511ce4929cf7237160
--- /dev/null
+++ b/interface/web/sites/lib/lang/en_web_folder_user_list.lng
@@ -0,0 +1,6 @@
+<?php
+$wb["list_head_txt"] = 'Folder User';
+$wb["active_txt"] = 'Active';
+$wb["web_folder_id_txt"] = 'Folder';
+$wb["username_txt"] = 'Username';
+?>
\ No newline at end of file
diff --git a/interface/web/sites/lib/module.conf.php b/interface/web/sites/lib/module.conf.php
index 8802b27b5a89ec7260c5f202ad05e4d5f4f22be4..cbcc62bd9b6a845f2f57d8f99cc4bcb82719406a 100644
--- a/interface/web/sites/lib/module.conf.php
+++ b/interface/web/sites/lib/module.conf.php
@@ -116,6 +116,26 @@ if($app->auth->get_client_limit($userid,'webdav_user') != 0)
 			'items'	=> $items);
 }
 
+/*
+ *	Web folder menu
+ */
+	$items=array();
+	
+	$items[] = array( 'title' 	=> "Folder",
+			'target' 	=> 'content',
+			'link'	=> 'sites/web_folder_list.php',
+			'html_id' => 'web_folder_list');
+	
+	$items[] = array( 'title' 	=> "Folder users",
+			'target' 	=> 'content',
+			'link'	=> 'sites/web_folder_user_list.php',
+			'html_id' => 'web_folder_user_list');
+	
+	$module["nav"][] = array(	'title'	=> 'Folder protection',
+			'open' 	=> 1,
+			'items'	=> $items);
+
+
 /*
     Cron menu
 */
@@ -153,18 +173,6 @@ $module['nav'][] = array(   'title' => 'Statistics',
 
 
 
-// clean up
-unset($items);
-
-$items[] = array( 'title' 	=> "Rewrite Rules",
-				  'target' 	=> 'content',
-				  'link'	=> 'sites/proxy_reverse_list.php');
-
-
-$module["nav"][] = array(	'title'	=> 'Reverse Proxy',
-							'open' 	=> 1,
-							'items'	=> $items);
-
 // clean up
 unset($items);
 
diff --git a/interface/web/sites/list/web_folder.list.php b/interface/web/sites/list/web_folder.list.php
new file mode 100644
index 0000000000000000000000000000000000000000..73101b2ad6d0b99e388fc21f1d0d486cad1418b9
--- /dev/null
+++ b/interface/web/sites/list/web_folder.list.php
@@ -0,0 +1,99 @@
+<?php
+
+/*
+	Datatypes:
+	- INTEGER
+	- DOUBLE
+	- CURRENCY
+	- VARCHAR
+	- TEXT
+	- DATE
+*/
+
+
+
+// Name of the list
+$liste["name"] 				= "web_folder";
+
+// Database table
+$liste["table"] 			= "web_folder";
+
+// Index index field of the database table
+$liste["table_idx"]			= "web_folder_id";
+
+// Search Field Prefix
+$liste["search_prefix"] 	= "search_";
+
+// Records per page
+$liste["records_per_page"] 	= "15";
+
+// Script File of the list
+$liste["file"]				= "web_folder_list.php";
+
+// Script file of the edit form
+$liste["edit_file"]			= "web_folder_edit.php";
+
+// Script File of the delete script
+$liste["delete_file"]		= "web_folder_del.php";
+
+// Paging Template
+$liste["paging_tpl"]		= "templates/paging.tpl.htm";
+
+// Enable auth
+$liste["auth"]				= "yes";
+
+
+/*****************************************************
+* Suchfelder
+*****************************************************/
+
+
+$liste["item"][] = array(	'field'		=> "active",
+							'datatype'	=> "VARCHAR",
+							'formtype'	=> "SELECT",
+							'op'		=> "=",
+							'prefix'	=> "",
+							'suffix'	=> "",
+							'width'		=> "",
+							'value'		=> array('y' => "<div id=\"ir-Yes\" class=\"swap\"><span>Yes</span></div>",'n' => "<div class=\"swap\" id=\"ir-No\"><span>No</span></div>"));
+
+
+$liste["item"][] = array(	'field'		=> "server_id",
+							'datatype'	=> "VARCHAR",
+							'formtype'	=> "SELECT",
+							'op'		=> "like",
+							'prefix'	=> "%",
+							'suffix'	=> "%",
+							'datasource'	=> array ( 	'type'	=> 'SQL',
+														'querystring' => 'SELECT server_id,server_name FROM server WHERE {AUTHSQL} ORDER BY server_name',
+														'keyfield'=> 'server_id',
+														'valuefield'=> 'server_name'
+									 				  ),
+							'width'		=> "",
+							'value'		=> "");
+
+$liste["item"][] = array(	'field'		=> "parent_domain_id",
+							'datatype'	=> "VARCHAR",
+							'formtype'	=> "SELECT",
+							'op'		=> "=",
+							'prefix'	=> "",
+							'suffix'	=> "",
+							'datasource'	=> array ( 	'type'	=> 'SQL',
+										'querystring' => "SELECT domain_id,domain FROM web_domain WHERE type = 'vhost' AND {AUTHSQL} ORDER BY domain",
+										'keyfield'=> 'domain_id',
+										'valuefield'=> 'domain'
+									 ),
+							'width'		=> "",
+							'value'		=> "");
+
+$liste["item"][] = array(	'field'		=> "path",
+							'datatype'	=> "VARCHAR",
+							'formtype'	=> "TEXT",
+							'op'		=> "like",
+							'prefix'	=> "%",
+							'suffix'	=> "%",
+							'width'		=> "",
+							'value'		=> "");
+
+
+?>
\ No newline at end of file
diff --git a/interface/web/sites/list/web_folder_user.list.php b/interface/web/sites/list/web_folder_user.list.php
new file mode 100644
index 0000000000000000000000000000000000000000..2ee44810519ced12bff92d7fff943be41b576124
--- /dev/null
+++ b/interface/web/sites/list/web_folder_user.list.php
@@ -0,0 +1,85 @@
+<?php
+
+/*
+	Datatypes:
+	- INTEGER
+	- DOUBLE
+	- CURRENCY
+	- VARCHAR
+	- TEXT
+	- DATE
+*/
+
+
+
+// Name of the list
+$liste["name"] 				= "web_folder_user";
+
+// Database table
+$liste["table"] 			= "web_folder_user";
+
+// Index index field of the database table
+$liste["table_idx"]			= "web_folder_user_id";
+
+// Search Field Prefix
+$liste["search_prefix"] 	= "search_";
+
+// Records per page
+$liste["records_per_page"] 	= "15";
+
+// Script File of the list
+$liste["file"]				= "web_folder_user_list.php";
+
+// Script file of the edit form
+$liste["edit_file"]			= "web_folder_user_edit.php";
+
+// Script File of the delete script
+$liste["delete_file"]		= "web_folder_user_del.php";
+
+// Paging Template
+$liste["paging_tpl"]		= "templates/paging.tpl.htm";
+
+// Enable auth
+$liste["auth"]				= "yes";
+
+
+/*****************************************************
+* Suchfelder
+*****************************************************/
+
+
+$liste["item"][] = array(	'field'		=> "active",
+							'datatype'	=> "VARCHAR",
+							'formtype'	=> "SELECT",
+							'op'		=> "=",
+							'prefix'	=> "",
+							'suffix'	=> "",
+							'width'		=> "",
+							'value'		=> array('y' => "<div id=\"ir-Yes\" class=\"swap\"><span>Yes</span></div>",'n' => "<div class=\"swap\" id=\"ir-No\"><span>No</span></div>"));
+
+
+$liste["item"][] = array(	'field'		=> "web_folder_id",
+							'datatype'	=> "VARCHAR",
+							'formtype'	=> "SELECT",
+							'op'		=> "=",
+							'prefix'	=> "",
+							'suffix'	=> "",
+							'datasource'	=> array ( 	'type'	=> 'SQL',
+										'querystring' => "Select concat(web_domain.domain,' ',web_folder.path) as name, web_folder.web_folder_id from web_domain, web_folder WHERE web_domain.domain_id = web_folder.parent_domain_id AND {AUTHSQL} ORDER BY web_domain.domain",
+										'keyfield'=> 'web_folder_id',
+										'valuefield'=> 'name'
+									 ),
+							'width'		=> "",
+							'value'		=> "");
+
+$liste["item"][] = array(	'field'		=> "username",
+							'datatype'	=> "VARCHAR",
+							'formtype'	=> "TEXT",
+							'op'		=> "like",
+							'prefix'	=> "%",
+							'suffix'	=> "%",
+							'width'		=> "",
+							'value'		=> "");
+
+
+?>
\ No newline at end of file
diff --git a/interface/web/sites/templates/web_folder_edit.htm b/interface/web/sites/templates/web_folder_edit.htm
new file mode 100644
index 0000000000000000000000000000000000000000..94ad5edbb0d513b7df2f612bf50c6d529b4d25e4
--- /dev/null
+++ b/interface/web/sites/templates/web_folder_edit.htm
@@ -0,0 +1,34 @@
+<h2><tmpl_var name="list_head_txt"></h2>
+<p><tmpl_var name="list_desc_txt"></p>
+
+<div class="panel panel_web_folder">
+
+  <div class="pnl_formsarea">
+    <fieldset class="inlineLabels"><legend>Folder</legend>
+      <div class="ctrlHolder">
+      	<label for="parent_domain_id">{tmpl_var name='parent_domain_id_txt'}</label>
+        <select name="parent_domain_id" id="parent_domain_id" class="selectInput">
+					{tmpl_var name='parent_domain_id'}
+				</select>
+      </div>
+      <div class="ctrlHolder">
+      	<label for="path">{tmpl_var name='path_txt'}</label>
+        <input name="path" id="path" value="{tmpl_var name='path'}" size="30" maxlength="255" type="text" class="textInput" />
+			</div>
+      <div class="ctrlHolder">
+				<p class="label">{tmpl_var name='active_txt'}</p>
+					<div class="multiField">
+						{tmpl_var name='active'}
+					</div>
+			</div>
+    </fieldset>
+
+    <input type="hidden" name="id" value="{tmpl_var name='id'}">
+
+    <div class="buttonHolder buttons">
+      <button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','sites/web_folder_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
+      <button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('sites/web_folder_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
+    </div>
+  </div>
+  
+</div>
diff --git a/interface/web/sites/templates/web_folder_list.htm b/interface/web/sites/templates/web_folder_list.htm
new file mode 100644
index 0000000000000000000000000000000000000000..f679c7d893aba5f2816b699d92817962248c222a
--- /dev/null
+++ b/interface/web/sites/templates/web_folder_list.htm
@@ -0,0 +1,58 @@
+<h2><tmpl_var name="list_head_txt"></h2>
+
+<div class="panel panel_list_web_folder">
+
+  <div class="pnl_toolsarea">
+    <fieldset><legend>{tmpl_var name="toolsarea_head_txt"}</legend>
+      <div class="buttons">
+        <button class="iconstxt icoAdd" type="button" onClick="loadContent('sites/web_folder_edit.php');">
+          <span>{tmpl_var name="add_new_record_txt"}</span>
+        </button>
+      </div>
+    </fieldset>
+  </div>
+
+  <div class="pnl_listarea">
+    <fieldset><legend><tmpl_var name="list_head_txt"></legend>
+      <table class="list">
+        <thead>
+          <tr>
+            <th class="tbl_col_active" scope="col"><tmpl_var name="active_txt"></th>
+            <th class="tbl_col_server_id" scope="col"><tmpl_var name="server_id_txt"></th>
+            <th class="tbl_col_parent_domain_id" scope="col"><tmpl_var name="parent_domain_id_txt"></th>
+            <th class="tbl_col_path" scope="col"><tmpl_var name="path_txt"></th>
+            <th class="tbl_col_buttons" scope="col">&nbsp;</th>
+          </tr>
+          <tr>
+            <td class="tbl_col_active"><select name="search_active" onChange="submitForm('pageForm','sites/web_folder_list.php');">{tmpl_var name='search_active'}</select></td>
+            <td class="tbl_col_server_id"><select name="search_server_id" onChange="submitForm('pageForm','sites/web_folder_list.php');">{tmpl_var name='search_server_id'}</select></td>
+            <td class="tbl_col_parent_domain_id"><select name="search_parent_domain_id" onChange="submitForm('pageForm','sites/web_folder_list.php');">{tmpl_var name='search_parent_domain_id'}</select></td>
+            <td class="tbl_col_path"><input type="text" name="search_path" value="{tmpl_var name='search_path'}" /></td>
+            <td class="tbl_col_buttons"><div class="buttons"><button type="button" class="icons16 icoFilter" name="Filter" id="Filter" value="{tmpl_var name="filter_txt"}" onClick="submitForm('pageForm','sites/web_folder_list.php');"><span>{tmpl_var name="filter_txt"}</span></button></div></td>
+          </tr>
+        </thead>
+        <tbody>
+          <tmpl_loop name="records">
+          <tr class="tbl_row_<tmpl_if name='__EVEN__'}even<tmpl_else>uneven</tmpl_if>">
+            <td class="tbl_col_active"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="active"}</a></td>
+            <td class="tbl_col_server_id"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="server_id"}</a></td>
+            <td class="tbl_col_parent_domain_id"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="parent_domain_id"}</a></td>
+            <td class="tbl_col_path"><a href="#" onClick="loadContent('sites/web_folder_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="path"}</a></td>
+            <td class="tbl_col_buttons">
+              <div class="buttons icons16">    
+                <a class="icons16 icoDelete" href="javascript: del_record('sites/web_folder_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
+              </div>
+            </td>
+          </tr>
+          </tmpl_loop>
+        </tbody>
+        <tfoot>
+          <tr>
+            <td class="tbl_footer tbl_paging" colspan="5"><tmpl_var name="paging"></td>
+          </tr>
+        </tfoot>
+      </table>
+    </fieldset>
+  </div>
+
+</div>
diff --git a/interface/web/sites/templates/web_folder_user_edit.htm b/interface/web/sites/templates/web_folder_user_edit.htm
new file mode 100644
index 0000000000000000000000000000000000000000..9a50af276e792dabd4d6f51b5f5b9623eef6678c
--- /dev/null
+++ b/interface/web/sites/templates/web_folder_user_edit.htm
@@ -0,0 +1,38 @@
+<h2><tmpl_var name="list_head_txt"></h2>
+<p><tmpl_var name="list_desc_txt"></p>
+
+<div class="panel panel_web_folder_user">
+
+  <div class="pnl_formsarea">
+    <fieldset class="inlineLabels"><legend>Folder</legend>
+      <div class="ctrlHolder">
+      	<label for="web_folder_id">{tmpl_var name='web_folder_id_txt'}</label>
+        <select name="web_folder_id" id="web_folder_id" class="selectInput">
+					{tmpl_var name='web_folder_id'}
+				</select>
+      </div>
+      <div class="ctrlHolder">
+      	<label for="username">{tmpl_var name='username_txt'}</label>
+        <input name="username" id="username" value="{tmpl_var name='username'}" size="30" maxlength="255" type="text" class="textInput" />
+			</div>
+      <div class="ctrlHolder">
+      	<label for="password">{tmpl_var name='password_txt'}</label>
+        <input name="password" id="password" value="{tmpl_var name='password'}" size="30" maxlength="255" type="password" class="textInput" />
+			</div>
+      <div class="ctrlHolder">
+				<p class="label">{tmpl_var name='active_txt'}</p>
+					<div class="multiField">
+						{tmpl_var name='active'}
+					</div>
+			</div>
+    </fieldset>
+
+    <input type="hidden" name="id" value="{tmpl_var name='id'}">
+
+    <div class="buttonHolder buttons">
+      <button class="positive iconstxt icoPositive" type="button" value="{tmpl_var name='btn_save_txt'}" onClick="submitForm('pageForm','sites/web_folder_user_edit.php');"><span>{tmpl_var name='btn_save_txt'}</span></button>
+      <button class="negative iconstxt icoNegative" type="button" value="{tmpl_var name='btn_cancel_txt'}" onClick="loadContent('sites/web_folder_user_list.php');"><span>{tmpl_var name='btn_cancel_txt'}</span></button>
+    </div>
+  </div>
+  
+</div>
diff --git a/interface/web/sites/templates/web_folder_user_list.htm b/interface/web/sites/templates/web_folder_user_list.htm
new file mode 100644
index 0000000000000000000000000000000000000000..942d5071c9ea50e33f4815e17f7c4170f19e9282
--- /dev/null
+++ b/interface/web/sites/templates/web_folder_user_list.htm
@@ -0,0 +1,55 @@
+<h2><tmpl_var name="list_head_txt"></h2>
+
+<div class="panel panel_list_web_folder_user">
+
+  <div class="pnl_toolsarea">
+    <fieldset><legend>{tmpl_var name="toolsarea_head_txt"}</legend>
+      <div class="buttons">
+        <button class="iconstxt icoAdd" type="button" onClick="loadContent('sites/web_folder_user_edit.php');">
+          <span>{tmpl_var name="add_new_record_txt"}</span>
+        </button>
+      </div>
+    </fieldset>
+  </div>
+
+  <div class="pnl_listarea">
+    <fieldset><legend><tmpl_var name="list_head_txt"></legend>
+      <table class="list">
+        <thead>
+          <tr>
+            <th class="tbl_col_active" scope="col"><tmpl_var name="active_txt"></th>
+            <th class="tbl_col_web_folder_id" scope="col"><tmpl_var name="web_folder_id_txt"></th>
+            <th class="tbl_col_username" scope="col"><tmpl_var name="username_txt"></th>
+            <th class="tbl_col_buttons" scope="col">&nbsp;</th>
+          </tr>
+          <tr>
+            <td class="tbl_col_active"><select name="search_active" onChange="submitForm('pageForm','sites/web_folder_user_list.php');">{tmpl_var name='search_active'}</select></td>
+            <td class="tbl_col_web_folder_id"><select name="search_web_folder_id" onChange="submitForm('pageForm','sites/web_folder_user_list.php');">{tmpl_var name='search_web_folder_id'}</select></td>
+            <td class="tbl_col_username"><input type="text" name="search_username" value="{tmpl_var name='search_username'}" /></td>
+            <td class="tbl_col_buttons"><div class="buttons"><button type="button" class="icons16 icoFilter" name="Filter" id="Filter" value="{tmpl_var name="filter_txt"}" onClick="submitForm('pageForm','sites/web_folder_user_list.php');"><span>{tmpl_var name="filter_txt"}</span></button></div></td>
+          </tr>
+        </thead>
+        <tbody>
+          <tmpl_loop name="records">
+          <tr class="tbl_row_<tmpl_if name='__EVEN__'}even<tmpl_else>uneven</tmpl_if>">
+            <td class="tbl_col_active"><a href="#" onClick="loadContent('sites/web_folder_user_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="active"}</a></td>
+            <td class="tbl_col_web_folder_id"><a href="#" onClick="loadContent('sites/web_folder_user_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="web_folder_id"}</a></td>
+            <td class="tbl_col_username"><a href="#" onClick="loadContent('sites/web_folder_user_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="username"}</a></td>
+            <td class="tbl_col_buttons">
+              <div class="buttons icons16">    
+                <a class="icons16 icoDelete" href="javascript: del_record('sites/web_folder_user_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
+              </div>
+            </td>
+          </tr>
+          </tmpl_loop>
+        </tbody>
+        <tfoot>
+          <tr>
+            <td class="tbl_footer tbl_paging" colspan="4"><tmpl_var name="paging"></td>
+          </tr>
+        </tfoot>
+      </table>
+    </fieldset>
+  </div>
+
+</div>
diff --git a/interface/web/sites/web_folder_del.php b/interface/web/sites/web_folder_del.php
new file mode 100644
index 0000000000000000000000000000000000000000..81faa658dc0191d1843c1fe95162809676321bc3
--- /dev/null
+++ b/interface/web/sites/web_folder_del.php
@@ -0,0 +1,70 @@
+<?php
+
+/*
+Copyright (c) 2011, Till Brehm, projektfarm Gmbh
+Modified 2009, Marius Cramer, pixcept KG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/******************************************
+* Begin Form configuration
+******************************************/
+
+$list_def_file = "list/web_folder.list.php";
+$tform_def_file = "form/web_folder.tform.php";
+
+/******************************************
+* End Form configuration
+******************************************/
+
+require_once('../../lib/config.inc.php');
+require_once('../../lib/app.inc.php');
+
+//* Check permissions for module
+$app->auth->check_module_permissions('sites');
+
+$app->uses('tpl,tform,tform_actions');
+$app->load('tform_actions');
+
+class page_action extends tform_actions {
+	function onBeforeDelete() {
+		global $app; $conf;
+		
+		if($app->tform->checkPerm($this->id,'d') == false) $app->error($app->lng('error_no_delete_permission'));
+		
+		// Delete all users that belong to this folder.
+		$records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = '".intval($this->id)."'");
+		foreach($records as $rec) {
+			$app->db->datalogDelete('web_folder_user','web_folder_user_id',$rec['web_folder_user_id']);
+		}
+		unset($records);
+	}
+}
+
+$page = new page_action;
+$page->onDelete();
+
+?>
\ No newline at end of file
diff --git a/interface/web/sites/web_folder_edit.php b/interface/web/sites/web_folder_edit.php
new file mode 100644
index 0000000000000000000000000000000000000000..182b2236101364655923d62d4bf0391406c3c994
--- /dev/null
+++ b/interface/web/sites/web_folder_edit.php
@@ -0,0 +1,71 @@
+<?php
+
+/*
+Copyright (c) 2011, Till Brehm, projektfarm Gmbh
+Modified 2009, Marius Cramer, pixcept KG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/******************************************
+* Begin Form configuration
+******************************************/
+
+$tform_def_file = "form/web_folder.tform.php";
+
+/******************************************
+* End Form configuration
+******************************************/
+
+require_once('../../lib/config.inc.php');
+require_once('../../lib/app.inc.php');
+
+//* Check permissions for module
+$app->auth->check_module_permissions('sites');
+
+// Loading classes
+$app->uses('tpl,tform,tform_actions,validate_cron');
+$app->load('tform_actions');
+
+class page_action extends tform_actions {
+
+	function onSubmit() {
+		global $app, $conf;
+		
+		// Get the record of the parent domain
+		$parent_domain = $app->db->queryOneRecord("select server_id FROM web_domain WHERE domain_id = ".intval(@$this->dataRecord["parent_domain_id"]));
+		
+		// Set a few fixed values
+		$this->dataRecord["server_id"] = $parent_domain["server_id"];
+		
+		parent::onSubmit();
+	}
+	
+}
+
+$page = new page_action;
+$page->onLoad();
+
+?>
\ No newline at end of file
diff --git a/interface/web/sites/web_folder_list.php b/interface/web/sites/web_folder_list.php
new file mode 100644
index 0000000000000000000000000000000000000000..08322bcac30fe1647ef8b597ae808742f5752602
--- /dev/null
+++ b/interface/web/sites/web_folder_list.php
@@ -0,0 +1,23 @@
+<?php
+require_once('../../lib/config.inc.php');
+require_once('../../lib/app.inc.php');
+
+/******************************************
+* Begin Form configuration
+******************************************/
+
+$list_def_file = "list/web_folder.list.php";
+
+/******************************************
+* End Form configuration
+******************************************/
+
+//* Check permissions for module
+$app->auth->check_module_permissions('sites');
+
+$app->uses('listform_actions');
+
+$app->listform_actions->onLoad();
+
+
+?>
\ No newline at end of file
diff --git a/interface/web/sites/web_folder_user_del.php b/interface/web/sites/web_folder_user_del.php
new file mode 100644
index 0000000000000000000000000000000000000000..3ecff3323b263578ded11d5c22639d4e0c0ec1f7
--- /dev/null
+++ b/interface/web/sites/web_folder_user_del.php
@@ -0,0 +1,59 @@
+<?php
+
+/*
+Copyright (c) 2011, Till Brehm, projektfarm Gmbh
+Modified 2009, Marius Cramer, pixcept KG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/******************************************
+* Begin Form configuration
+******************************************/
+
+$list_def_file = "list/web_folder_user.list.php";
+$tform_def_file = "form/web_folder_user.tform.php";
+
+/******************************************
+* End Form configuration
+******************************************/
+
+require_once('../../lib/config.inc.php');
+require_once('../../lib/app.inc.php');
+
+//* Check permissions for module
+$app->auth->check_module_permissions('sites');
+
+$app->uses('tpl,tform,tform_actions');
+$app->load('tform_actions');
+
+class page_action extends tform_actions {
+
+}
+
+$page = new page_action;
+$page->onDelete();
+
+?>
\ No newline at end of file
diff --git a/interface/web/sites/web_folder_user_edit.php b/interface/web/sites/web_folder_user_edit.php
new file mode 100644
index 0000000000000000000000000000000000000000..75a2caf5fd1ef571828b8a9975275740919be1ac
--- /dev/null
+++ b/interface/web/sites/web_folder_user_edit.php
@@ -0,0 +1,70 @@
+<?php
+
+/*
+Copyright (c) 2011, Till Brehm, projektfarm Gmbh
+Modified 2009, Marius Cramer, pixcept KG
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/******************************************
+* Begin Form configuration
+******************************************/
+
+$tform_def_file = "form/web_folder_user.tform.php";
+
+/******************************************
+* End Form configuration
+******************************************/
+
+require_once('../../lib/config.inc.php');
+require_once('../../lib/app.inc.php');
+
+//* Check permissions for module
+$app->auth->check_module_permissions('sites');
+
+// Loading classes
+$app->uses('tpl,tform,tform_actions,validate_cron');
+$app->load('tform_actions');
+
+class page_action extends tform_actions {
+	
+	function onSubmit() {
+		global $app, $conf;
+		
+		// Get the record of the parent domain
+		$folder = $app->db->queryOneRecord("select server_id FROM web_folder WHERE web_folder_id = ".intval(@$this->dataRecord["web_folder_id"]));
+		
+		// Set a few fixed values
+		$this->dataRecord["server_id"] = $folder["server_id"];
+		
+		parent::onSubmit();
+	}
+}
+
+$page = new page_action;
+$page->onLoad();
+
+?>
\ No newline at end of file
diff --git a/interface/web/sites/web_folder_user_list.php b/interface/web/sites/web_folder_user_list.php
new file mode 100644
index 0000000000000000000000000000000000000000..e5515c27820399aaee89cea4bfa137b8b7472417
--- /dev/null
+++ b/interface/web/sites/web_folder_user_list.php
@@ -0,0 +1,23 @@
+<?php
+require_once('../../lib/config.inc.php');
+require_once('../../lib/app.inc.php');
+
+/******************************************
+* Begin Form configuration
+******************************************/
+
+$list_def_file = "list/web_folder_user.list.php";
+
+/******************************************
+* End Form configuration
+******************************************/
+
+//* Check permissions for module
+$app->auth->check_module_permissions('sites');
+
+$app->uses('listform_actions');
+
+$app->listform_actions->onLoad();
+
+
+?>
\ No newline at end of file
diff --git a/server/mods-available/web_module.inc.php b/server/mods-available/web_module.inc.php
index 4fdae18ef66aa4a1c2eca85693116c92cd466cf8..659cbcad5c2cd02a772b355f1a68d83f8895d839 100644
--- a/server/mods-available/web_module.inc.php
+++ b/server/mods-available/web_module.inc.php
@@ -43,7 +43,13 @@ class web_module {
 									'shell_user_delete',
 									'webdav_user_insert',
 									'webdav_user_update',
-									'webdav_user_delete');
+									'webdav_user_delete',
+									'web_folder_insert',
+									'web_folder_update',
+									'web_folder_delete',
+									'web_folder_user_insert',
+									'web_folder_user_update',
+									'web_folder_user_delete');
 	
 	//* This function is called during ispconfig installation to determine
 	//  if a symlink shall be created for this plugin.
@@ -121,6 +127,16 @@ class web_module {
 				if($action == 'u') $app->plugins->raiseEvent('webdav_user_update',$data);
 				if($action == 'd') $app->plugins->raiseEvent('webdav_user_delete',$data);
 			break;
+			case 'web_folder':
+				if($action == 'i') $app->plugins->raiseEvent('web_folder_insert',$data);
+				if($action == 'u') $app->plugins->raiseEvent('web_folder_update',$data);
+				if($action == 'd') $app->plugins->raiseEvent('web_folder_delete',$data);
+			break;
+			case 'web_folder_user':
+				if($action == 'i') $app->plugins->raiseEvent('web_folder_user_insert',$data);
+				if($action == 'u') $app->plugins->raiseEvent('web_folder_user_update',$data);
+				if($action == 'd') $app->plugins->raiseEvent('web_folder_user_delete',$data);
+			break;
 		} // end switch
 	} // end function
 	
diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 163cd7e5f1245cd4e3fe8ffcefc90e3b9fe40d17..f34068400a48d91b4149c521d43d024c42bac8bd 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -77,6 +77,13 @@ class apache2_plugin {
 		$app->plugins->registerEvent('webdav_user_delete',$this->plugin_name,'webdav');
 		
 		$app->plugins->registerEvent('client_delete',$this->plugin_name,'client_delete');
+		
+		$app->plugins->registerEvent('web_folder_user_insert',$this->plugin_name,'web_folder_user');
+		$app->plugins->registerEvent('web_folder_user_update',$this->plugin_name,'web_folder_user');
+		$app->plugins->registerEvent('web_folder_user_delete',$this->plugin_name,'web_folder_user');
+		
+		$app->plugins->registerEvent('web_folder_delete',$this->plugin_name,'web_folder_delete');
+		
 	}
 
 	// Handle the creation of SSL certificates
@@ -1183,6 +1190,104 @@ class apache2_plugin {
 		$app->log('Writing the conf file: '.$vhost_file,LOGLEVEL_DEBUG);
 		unset($tpl);
 
+	}
+	
+	//* Create or update the .htaccess folder protection
+	function web_folder_user($event_name,$data) {
+		global $app, $conf;
+		
+		$app->uses('system');
+		
+		if($event_name == 'web_folder_user_delete') {
+			$folder_id = $data['old']['web_folder_id'];
+		} else {
+			$folder_id = $data['new']['web_folder_id'];
+		}
+		
+		$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
+		$website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));
+		
+		if(!is_array($folder) or !is_array($website)) {
+			$app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
+			return false;
+		}
+		
+		//* Get the folder path.
+		$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
+		if(substr($folder_path,-1 != '/')) $folder_path .= '/';
+		
+		//* Check if the resulting path is inside the docroot
+		if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
+			$app->log('Folder path is outside of docroot.',LOGLEVEL_DEBUG);
+			return false;
+		}
+		
+		//* Create the folder path, if it does not exist
+		if(!is_dir($folder_path)) exec('mkdir -p '.escapehsellarg($folder_path));
+		
+		//* Create empty .htpasswd file, if it does not exist
+		if(!is_file($folder_path.'.htpasswd')) {
+			touch($folder_path.'.htpasswd');
+			chmod($folder_path.'.htpasswd',0755);
+			$app->log('Created file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+		}
+		
+		//* Add or remove the user from .htpasswd file
+		if($event_name == 'web_folder_user_delete') {
+			$app->system->removeLine($folder_path.'.htpasswd',$data['new']['username'].':');
+			$app->log('Removed user: '.$data['new']['username'],LOGLEVEL_DEBUG);
+		} else {
+			$app->system->replaceLine($folder_path.'.htpasswd',$data['new']['username'].':',$data['new']['username'].':'.$data['new']['password'],0,1);
+			$app->log('Added or updated user: '.$data['new']['username'],LOGLEVEL_DEBUG);
+		}
+		
+		//* Create the .htaccess file
+		if(!is_file($folder_path.'.htaccess')) {
+			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";
+			file_put_contents($folder_path.'.htaccess',$ht_file);
+			chmod($folder_path.'.htpasswd',0755);
+			$app->log('Created file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
+		}
+		
+	}
+	
+	//* Remove .htaccess and .htpasswd file, when folder protection is removed
+	function web_folder_delete($event_name,$data) {
+		global $app, $conf;
+		
+		$folder_id = $data['old']['web_folder_id'];
+		
+		$folder = $app->db->queryOneRecord("SELECT * FROM web_folder WHERE web_folder_id = ".intval($folder_id));
+		$website = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".intval($folder['parent_domain_id']));
+		
+		if(!is_array($folder) or !is_array($website)) {
+			$app->log('Not able to retrieve folder or website record.',LOGLEVEL_DEBUG);
+			return false;
+		}
+		
+		//* Get the folder path.
+		$folder_path = realpath($website['document_root'].'/web/'.$folder['path']);
+		if(substr($folder_path,-1 != '/')) $folder_path .= '/';
+		
+		//* Check if the resulting path is inside the docroot
+		if(substr($folder_path,0,strlen($website['document_root'])) != $website['document_root']) {
+			$app->log('Folder path is outside of docroot.',LOGLEVEL_DEBUG);
+			return false;
+		}
+		
+		//* Remove .htpasswd file
+		if(is_file($folder_path.'.htpasswd')) {
+			unlink($folder_path.'.htpasswd');
+			$app->log('Removed file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+		}
+		
+		//* Remove .htaccess file
+		if(is_file($folder_path.'.htaccess')) {
+			unlink($folder_path.'.htaccess');
+			$app->log('Removed file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
+		}
+		
+		
 	}
 
 	/**



{tmpl_var name="active"}	{tmpl_var name="server_id"}	{tmpl_var name="parent_domain_id"}	{tmpl_var name="path"}	+ + {tmpl_var name='delete_txt'} + +


{tmpl_var name="active"}	{tmpl_var name="web_folder_id"}	{tmpl_var name="username"}	+ + {tmpl_var name='delete_txt'} + +