diff --git a/interface/web/admin/form/server_config.tform.php b/interface/web/admin/form/server_config.tform.php
index a39cc3b993a81f57b4b2b1e2b1b8d5dc93e7df17..a127430494aa9add0b29e7959e6e1414d69af929 100644
--- a/interface/web/admin/form/server_config.tform.php
+++ b/interface/web/admin/form/server_config.tform.php
@@ -1101,6 +1101,14 @@ $form["tabs"]['web'] = array(
 			'validators' => array(	0 => array('type' => 'NOTEMPTY',
 										'errmsg' => 'php_default_name_error_empty'),
 			),
+			'filters'   => array(
+					0 => array( 'event' => 'SAVE',
+					'type' => 'TRIM'),
+					1 => array( 'event' => 'SAVE',
+					'type' => 'STRIPTAGS'),
+					2 => array( 'event' => 'SAVE',
+					'type' => 'STRIPNL')
+			),
 			'width' => '40',
 			'maxlength' => '255'
 		),
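Review bot: The new SAVE filters only clean values written after this change, so a `php_default_name` that is already stored with markup stays as it is until the record is saved again; the output encoding added in web_vhost_domain_edit.php is what covers those rows. A short comment above `'filters'` would make that explicit, e.g. `// Input hygiene only; every render of php_default_name must still be HTML-encoded.` STRIPTAGS also leaves quotes and ampersands in place, so it would not be sufficient on its own if the value were ever written into an attribute. The field array begins above the hunk and the order in which NOTEMPTY and TRIM are applied is not visible here, so it is worth confirming that a whitespace-only name is still rejected.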
diff --git a/interface/web/sites/web_vhost_domain_edit.php b/interface/web/sites/web_vhost_domain_edit.php
index 029df1cbef4c89531bf7330047f690ed1f3ab1f9..19e4c4c23b69f9bc259843ed241a691622a9854b 100644
--- a/interface/web/sites/web_vhost_domain_edit.php
+++ b/interface/web/sites/web_vhost_domain_edit.php
@@ -257,7 +257,7 @@ class page_action extends tform_actions {
 					$php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = ? AND (client_id = 0 OR client_id=?) AND active = 'y'", $parent_domain['server_id'], $_SESSION['s']['user']['client_id']);
 				}
 			}
-			$php_select = "<option value=''>".$web_config['php_default_name']."</option>";
+			$php_select = "<option value=''>".$app->functions->htmlentities($web_config['php_default_name'])."</option>";
 			if(is_array($php_records) && !empty($php_records)) {
 				foreach( $php_records as $php_record) {
 					if($this->dataRecord['php'] == 'php-fpm' || ($this->dataRecord['php'] == 'hhvm' && $server_type == 'nginx')){
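Review bot: Only the default `<option>` is encoded here, while the `foreach` over `$php_records` that opens on the last context lines continues outside the hunk. If that loop concatenates fields of `$php_record` into `$php_select` in the same way, they need `$app->functions->htmlentities()` as well; the query admits rows with a non-zero `client_id`, so those names were presumably not all entered by an administrator. The identical line is patched again in the hunks at -404 and -624. Building the default option in one small private method of `page_action` would stop the three copies from drifting apart the next time one of them is touched.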
@@ -404,7 +404,7 @@ class page_action extends tform_actions {
 					$php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = ? AND (client_id = 0 OR client_id=?) AND active = 'y'", $parent_domain['server_id'], $_SESSION['s']['user']['client_id']);
 				}
 			}
-			$php_select = "<option value=''>".$web_config['php_default_name']."</option>";
+			$php_select = "<option value=''>".$app->functions->htmlentities($web_config['php_default_name'])."</option>";
 			if(is_array($php_records) && !empty($php_records)) {
 				foreach( $php_records as $php_record) {
 					if($this->dataRecord['php'] == 'php-fpm' || ($this->dataRecord['php'] == 'hhvm' && $server_type == 'nginx')){
@@ -624,7 +624,7 @@ class page_action extends tform_actions {
 					$php_records = $app->db->queryAllRecords("SELECT * FROM server_php WHERE php_fastcgi_binary != '' AND php_fastcgi_ini_dir != '' AND server_id = ? AND active = 'y'", $parent_domain['server_id']);
 				}
 			}
-			$php_select = "<option value=''>".$web_config['php_default_name']."</option>";
+			$php_select = "<option value=''>".$app->functions->htmlentities($web_config['php_default_name'])."</option>";
 			if(is_array($php_records) && !empty($php_records)) {
 				foreach( $php_records as $php_record) {
 					if($this->dataRecord['php'] == 'php-fpm' || ($this->dataRecord['php'] == 'hhvm' && $server_type == 'nginx')){