Hi I am fairly new to ispconfig. We are looking at using it on our new web server. My colleagues had a look and we had certain ideas on how to improve security. The solution we came up with (it's not ours!) is based on this http://lists.evolt.org/archive/Week-of-Mon-20030714/145126.html I've had a brief look at the ispconfig code but maybe it's easier to ask for help here. I am trying to change the user account creation for web users so that every new group has the apache user as member. from: Code: web3:x:10003:admispconfig,kubrt to Code: web3:x:10003:admispconfig,www-data,kubrt Any help appreciated.