I installed the ispconfig according to the instructions: https://www.howtoforge.com/tutorial/perfect-server-debian-8-jessie-apache-bind-dovecot-ispconfig-3/ I think I did something wrong. the pages are run as the web1 ... webXXX user in a normal environment. If we place it in the page code Code: <pre><?php var_dump(exec('cat /var/mail.log', $r)); var_dump($r); exit(); We list beautifully logs. A lot of files in the system have chmod XX4 and every client can read them. Just blocking the exec function in PHP will not do anything. You can still open the file using fopen. It seems to me that php must be run in jailkit. Does anyone know how to fix it?