Merge main in to staging

CHANGELOG.md

@@ -91,6 +91,7 @@ All notable changes to this project will be documented in this file.
 - Standardize headers for upgrade scripts
 - Improved how we handle custom themes
 - Refactored HMTL / PHP code WebUI
+- Updated ClamAV configuration
 - Fixed issue where file manger key got the wrong permissions
 - Update version Laveral @mariojgt
 

bin/v-backup-user

@@ -390,7 +390,7 @@ if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL" != '*' ]; then
         accounts=()
         for account in $(ls); do
             exclusion=$(echo "$MAIL" |tr ',' '\n' |grep "$domain:")
-            exclusion=$(echo "$exclusion" |tr ':' '\n' |grep "^$account$")
+            exclusion=$(echo "$exclusion" |tr ':' '\n' |grep -E "^$account|\*")
 
             # Checking exlusions
             if [ -z "$exclusion" ] && [[ "$MAIL_SYSTEM" =~ exim ]]; then

bin/v-delete-web-domain

@@ -67,7 +67,7 @@ fi
 
 # Deleting web backend
 if [ ! -z "$WEB_BACKEND" ]; then
-    $BIN/v-delete-web-domain-backend $user $domain $restart
+    $BIN/v-delete-web-domain-backend $user $domain 'no'
 fi
 
 # Deleting vhost configuration
@@ -142,10 +142,14 @@ fi
 $BIN/v-restart-web $restart
 check_result $? "Web restart failed" >/dev/null
 
-# Restartinh proxy server
+# Restarting proxy server
 $BIN/v-restart-proxy $restart
 check_result $? "Proxy restart failed" >/dev/null
 
+# Restarting backend server
+$BIN/v-restart-web-backend $restart
+check_result $? "Backend restart failed" >/dev/null
+
 # Logging
 $BIN/v-log-action "$user" "Info" "Web" "Deleted web domain (Name: $domain)."
 log_event "$OK" "$ARGUMENTS"

bin/v-list-sys-ips

@@ -53,13 +53,16 @@ json_list() {
 
 # SHELL list function
 shell_list() {
-    echo "IP   MASK   NAT    HELO    STATUS   WEB  DATE"
-    echo "--   ----   ---    ----    ------   ---  ----"
+    echo "IP   MASK   NAT    HELO                    STATUS   WEB  DATE"
+    echo "--   ----   ---    --------------------    ------   ---  ----"
     while read IP; do
         source $HESTIA/data/ips/$IP
         if [ -z "$NAT" ]; then
             NAT='no'
         fi
+        if [ -z "$HELO" ]; then
+            HELO='unset'
+        fi
         echo "$IP $NETMASK $NAT $HELO $STATUS $U_WEB_DOMAINS $DATE"
     done < <(ls $HESTIA/data/ips/)
 }

bin/v-purge-nginx-cache

@@ -1,9 +1,9 @@
 #!/bin/bash
 # info: Purge nginx cache
-# options: USER DOMAIN MODE
+# options: USER DOMAINå
 # labels: hestia web
 #
-# example: v-purge-nginx-cache user domain.tld proxy
+# example: v-purge-nginx-cache user domain.tld
 #
 # The function purges nginx cache.
 

install/deb/clamav/clamd.conf

@@ -1,6 +1,6 @@
-#Automatically Generated by clamav-base postinst
-#To reconfigure clamd run #dpkg-reconfigure clamav-base
-#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+#Automatically Generated by clamav-daemon postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
+#Please read /usr/share/doc/clamav-daemon/README.Debian.gz for details
 LocalSocket /var/run/clamav/clamd.ctl
 FixStaleSocket true
 LocalSocketGroup clamav
@@ -8,7 +8,6 @@ LocalSocketMode 666
 # TemporaryDirectory is not set to its default /tmp here to make overriding
 # the default with environment variables TMPDIR/TMP/TEMP possible
 User clamav
-# AllowSupplementaryGroups true
 ScanMail true
 ScanArchive true
 ArchiveBlockEncrypted false
@@ -19,26 +18,38 @@ ReadTimeout 180
 MaxThreads 12
 MaxConnectionQueueLength 15
 LogSyslog false
+LogRotate true
 LogFacility LOG_LOCAL6
 LogClean false
 LogVerbose true
-PidFile /var/run/clamav/clamd.pid
+PreludeEnable no
+PreludeAnalyzerName ClamAV
 DatabaseDirectory /var/lib/clamav
+OfficialDatabaseOnly false
 SelfCheck 3600
 Foreground false
 Debug false
 ScanPE true
+MaxEmbeddedPE 10M
 ScanOLE2 true
+ScanPDF true
 ScanHTML true
+MaxHTMLNormalize 10M
+MaxHTMLNoTags 2M
+MaxScriptNormalize 5M
+MaxZipTypeRcg 1M
+ScanSWF true
 ExitOnOOM false
 LeaveTemporaryFiles false
 AlgorithmicDetection true
 ScanELF true
 IdleTimeout 30
+CrossFilesystems true
 PhishingSignatures true
 PhishingScanURLs true
 PhishingAlwaysBlockSSLMismatch false
 PhishingAlwaysBlockCloak false
+PartitionIntersection false
 DetectPUA false
 ScanPartialMessages false
 HeuristicScanPrecedence false
@@ -48,6 +59,23 @@ SendBufTimeout 200
 MaxQueue 100
 ExtendedDetectionInfo true
 OLE2BlockMacros false
+AllowAllMatchScan true
+ForceToDisk false
+DisableCertCheck false
+DisableCache false
+MaxScanTime 120000
+MaxScanSize 100M
+MaxFileSize 25M
+MaxRecursion 16
+MaxFiles 10000
+MaxPartitions 50
+MaxIconsPE 100
+PCREMatchLimit 10000
+PCRERecMatchLimit 5000
+PCREMaxFileSize 25M
+ScanXMLDOCS true
+ScanHWP3 true
+MaxRecHWP3 16
 StreamMaxLength 25M
 LogFile /var/log/clamav/clamav.log
 LogTime true
@@ -56,5 +84,5 @@ LogFileMaxSize 0
 Bytecode true
 BytecodeSecurity TrustSigned
 BytecodeTimeout 60000
-OfficialDatabaseOnly false
-CrossFilesystems true
+PidFile /var/run/clamav/clamd.pid
+OnAccessMaxFileSize 5M

install/deb/firewall/ipset/blacklist.sh

@@ -8,7 +8,6 @@ BLACKLISTS=(
     "https://www.projecthoneypot.org/list_of_ips.php?t=d&rss=1" # Project Honey Pot Directory of Dictionary Attacker IPs
     "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1"  # TOR Exit Nodes
     "https://www.maxmind.com/en/high-risk-ip-sample-list" # MaxMind GeoIP Anonymous Proxies
-    "http://danger.rulez.sk/projects/bruteforceblocker/blist.php" # BruteForceBlocker IP List
     "https://www.spamhaus.org/drop/drop.lasso" # Spamhaus Don't Route Or Peer List (DROP)
     "https://cinsscore.com/list/ci-badguys.txt" # C.I. Army Malicious IP List
     "https://lists.blocklist.de/lists/all.txt" # blocklist.de attackers

install/deb/templates/mail/nginx/default_rainloop.stpl

@@ -11,6 +11,11 @@ ssl_certificate_key %ssl_key%;
 ssl_stapling on;
 ssl_stapling_verify on;
 
+location ^~ /data {
+    deny all;
+    return 404;
+}
+
 location ~ ^/(README.md|config|temp|logs|bin|SQL|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
     deny all;
     return 404;

install/deb/templates/mail/nginx/default_rainloop.tpl

@@ -13,7 +13,12 @@ location ~ /\.(?!well-known\/) {
     return 404;
 }
 
-location ~ /data/ {
+location ^~ /data {
+    deny all;
+    return 404;
+}
+
+location ~ ^/(README.md|config|temp|logs|bin|SQL|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
     deny all;
     return 404;
 }

install/deb/templates/mail/nginx/rainloop.stpl

@@ -16,6 +16,11 @@ location ~ /\.(?!well-known\/) {
     return 404;
 }
 
+location ^~ /data {
+    deny all;
+    return 404;
+}
+
 location ~ ^/(README.md|config|temp|logs|bin|SQL|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
     deny all;
     return 404;

install/deb/templates/mail/nginx/rainloop.tpl

@@ -13,6 +13,11 @@ location ~ /\.(?!well-known\/) {
     return 404;
 }
 
+location ^~ /data {
+    deny all;
+    return 404;
+}
+
 location ~ ^/(README.md|config|temp|logs|bin|SQL|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
     deny all;
     return 404;

install/upgrade/manual/migrate_roundcube.sh

@@ -17,7 +17,7 @@ source $HESTIA/conf/hestia.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-if [ ! -d "/usr/share/phpmyadmin/" ]; then
+if [ ! -d "/usr/share/roundcube/" ]; then
     echo "Install Roundcube not done via APT"
     exit 2;
 fi
@@ -46,4 +46,4 @@ then
     # restore backup
     mysql roundcube < ~/roundcube.sql
     /var/lib/roundcube/bin/update.sh --version "$version"
-fi
+fi

install/upgrade/versions/1.4.0.sh

@@ -58,12 +58,15 @@ if [ "$MAIL_SYSTEM" == "exim4" ]; then
         echo '[ * ] Enabling SMTP relay support...'
         if grep -q "driver = plaintext" /etc/exim4/exim4.conf.template; then
             disable_smtp_relay=true
-            echo '[ ! ] ERROR: Manual intervention required to enable SMTP Relay:'
+            echo '[ ! ] ERROR: SMTP Relay upgrade failed:'
             echo ''
-            echo '      Exim only supports one plaintext authenticator.'
-            echo '      If you want to use the Hestia smtp relay feature,'
-            echo '      please review the /etc/exim4/exim4.conf.template'
-            echo '      file and resolve any conflicts.'
+            echo 'Because of the complexity of the SMTP Relay upgrade,'
+            echo 'we were unable to safely modify your existing exim config file.'
+            echo 'If you would like to use the new SMTP Relay features,'
+            echo 'you will have to replace or modify your config with the one found'
+            echo 'on GitHub at https://github.com/hestiacp/hestiacp/blob/release/install/deb/exim/exim4.conf.template.'
+            echo 'Your exim config file will be found here: /etc/exim4/exim4.conf.template'
+            $HESTIA/bin/v-add-user-notification admin 'SMTP Relay upgrade failed' 'Because of the complexity of the SMTP Relay upgrade, we were unable to safely modify your existing exim config file.<br><br>If you would like to use the new SMTP Relay features, you will have to replace or modify your config with the one found on <a href="https://github.com/hestiacp/hestiacp/blob/release/install/deb/exim/exim4.conf.template" target="_new"><i class="fab fa-github"></i> GitHub</a>.<br><br>Your exim config file will be found here:<br><br><code>/etc/exim4/exim4.conf.template</code>'
         else
             disable_smtp_relay=false
         fi
@@ -178,6 +181,15 @@ if [ -d "$HESTIA/web/images/webapps/" ]; then
     rm -rf $HESTIA/web/src/app/WebApp/Installers/Joomla
 fi
 
+# Update ClamAV configuration file
+if [ -f "/etc/clamav/clamd.conf" ]; then
+    cp -f $HESTIA_INSTALL_DIR/clamav/clamd.conf /etc/clamav/
+    $HESTIA/bin/v-add-user-notification admin 'ClamAV config has been overwritten' 'Warning: If you have manualy changed /etc/clamav/clamd.conf and any changes you made will be lost an backup has been created in the /root/hst_backups folder with the original config. If you have not changed the config file you can ignore this message'
+fi
+
+if [ -f "$HESTIA/data/firewall/ipset/blacklist.sh" ]; then
+    sed -i  '/BruteForceBlocker/d' $HESTIA/data/firewall/ipset/blacklist.sh
+fi
 
 ##### COMMANDS FOR V1.5.X
 

web/bulk/web/index.php

@@ -45,6 +45,7 @@ if (isset($restart)) {
     exec (HESTIA_CMD."v-restart-web", $output, $return_var);
     exec (HESTIA_CMD."v-restart-proxy", $output, $return_var);
     exec (HESTIA_CMD."v-restart-dns", $output, $return_var);
+    exec (HESTIA_CMD."v-restart-web-backend", $output, $return_var);
 }
 
 header("Location: /list/web/");

web/delete/web/index.php

@@ -19,7 +19,7 @@ if (($_SESSION['userContext'] === 'admin') && (!empty($_GET['user']))) {
 if (!empty($_GET['domain'])) {
     $v_username = escapeshellarg($user);
     $v_domain = escapeshellarg($_GET['domain']);
-    exec (HESTIA_CMD."v-delete-web-domain ".$v_username." ".$v_domain, $output, $return_var);
+    exec (HESTIA_CMD."v-delete-web-domain ".$v_username." ".$v_domain." 'yes'", $output, $return_var);
     check_return_code($return_var,$output);
     unset($output);
 }

web/templates/pages/edit_server.html

@@ -332,10 +332,10 @@
 									</tr>
 									<tr>
 										<td class="vst-text">
-											<?=_('DNS Cluster');?>: <span class="optional"><?php if ($v_dns_cluster == 'yes') { echo 'Yes'; } else { echo 'No'; } ?></span>
+											<?=_('DNS Cluster');?>: <span class="optional"><?php if ($v_dns_cluster == 'yes') { echo _('Yes'); } else { echo _('No'); } ?></span>
 										</td>
 									</tr>
-									<?php if ($v_dns_cluster = 'yes') {
+									<?php if ($v_dns_cluster == 'yes') {
 										$i = 0;
 										foreach ($dns_cluster as $key => $value) {
 											$i++;
@@ -482,8 +482,8 @@
 									<tr>
 										<td>
 											<select class="vst-list" name="v_mysql" disabled>
-												<option value='no'><?=_('no'); ?></option>
-												<option value='yes' <?php if($v_mysql == 'yes') echo 'selected' ?>><?=_('yes'); ?></option>
+												<option value='no'><?=_('No'); ?></option>
+												<option value='yes' <?php if($v_mysql == 'yes') echo 'selected' ?>><?=_('Yes'); ?></option>
 											</select>
 											<br><br>
 										</td>
@@ -584,8 +584,8 @@
 										<tr>
 											<td>
 												<select class="vst-list" name="v_pgsql" disabled>
-													<option value='no'><?=_('no'); ?></option>
-													<option value='yes' <?php if($v_pgsql == 'yes') echo 'selected' ?>><?=_('yes'); ?></option>
+													<option value='no'><?=_('No'); ?></option>
+													<option value='yes' <?php if($v_pgsql == 'yes') echo 'selected' ?>><?=_('Yes'); ?></option>
 												</select>
 												<br><br>
 											</td>
@@ -662,15 +662,15 @@
 									<tr>
 										<td>
 											<select class="vst-list" name="v_backup">
-												<option value='no'><?=_('no'); ?></option>
-												<option value='yes' <?php if($v_backup == 'yes') echo 'selected' ?>><?=_('yes'); ?></option>
+												<option value='no'><?=_('No'); ?></option>
+												<option value='yes' <?php if($v_backup == 'yes') echo 'selected' ?>><?=_('Yes'); ?></option>
 											</select>
 											<br><br>
 										</td>
 									</tr>
 									<tr>
 										<td class="vst-text">
-											<?=_('Compression');?> <a href="https://docs.hestiacp.com/admin_docs/backups.html"><i class="fas fa-question-circle"></i></a>
+											<?=_('Compression');?> <a href="http://docs.hestiacp.com/admin_docs/backups.html#what-is-the-difference-between-zstd-and-gzip"><i class="fas fa-question-circle"></i></a>
 										</td>
 									</tr>
 									<tr>
@@ -684,7 +684,7 @@
 									</tr>
 									<tr>
 										<td class="vst-text">
-											<?=_('Compression level');?> <a href="https://docs.hestiacp.com/admin_docs/backups.html"><i class="fas fa-question-circle"></i></a>
+											<?=_('Compression level');?> <a href="http://docs.hestiacp.com/admin_docs/backups.html#what-is-the-optimal-compression-ratio"><i class="fas fa-question-circle"></i></a>
 										</td>
 									</tr>
 									<tr>
@@ -699,7 +699,7 @@
 									</tr>
 									<tr>
 										<td class="vst-text">
-											<?=_('Directory');?> <a href="https://docs.hestiacp.com/admin_docs/backups.html"><i class="fas fa-question-circle"></i></a>
+											<?=_('Directory');?> <a href="https://docs.hestiacp.com/admin_docs/backups.html#how-to-change-default-backup-folder"><i class="fas fa-question-circle"></i></a>
 										</td>
 									</tr>
 									<tr>
@@ -718,7 +718,7 @@
 											<table style="display:<?php if (empty($v_backup_remote_adv)) echo 'none';?> ;" id="remote_backup">
 												<tr>
 													<td class="vst-text">
-														<?=_('Protocol');?> <a href="https://docs.hestiacp.com/admin_docs/backups.html"><i class="fas fa-question-circle"></i></a>
+														<?=_('Protocol');?> <a href="http://docs.hestiacp.com/admin_docs/backups.html#what-kind-of-protocols-are-currently-supported"><i class="fas fa-question-circle"></i></a>
 													</td>
 												</tr>
 												<tr>
@@ -965,8 +965,8 @@
 												<tr>
 													<td>
 														<select class="vst-list" name="v_api" id="api">
-															<option value='yes'><?=_('yes'); ?></option>
-															<option value='no' <?php if($_SESSION['API'] == 'no') echo 'selected' ?>><?=_('no'); ?></option>
+															<option value='yes'><?=_('Yes'); ?></option>
+															<option value='no' <?php if($_SESSION['API'] == 'no') echo 'selected' ?>><?=_('No'); ?></option>
 														</select>
 														<br><br>
 													</td>
@@ -1019,8 +1019,8 @@
 												<tr>
 													<td>
 														<select class="vst-list" name="v_policy_system_password_reset">
-															<option value='yes'><?=_('yes'); ?></option>
-															<option value='no' <?php if($_SESSION['POLICY_SYSTEM_PASSWORD_RESET'] == 'no') echo 'selected' ?>><?=_('no'); ?></option>
+															<option value='yes'><?=_('Yes'); ?></option>
+															<option value='no' <?php if($_SESSION['POLICY_SYSTEM_PASSWORD_RESET'] == 'no') echo 'selected' ?>><?=_('No'); ?></option>
 														</select>
 														<br><br>
 													</td>
@@ -1063,8 +1063,8 @@
 													<tr>
 														<td>
 															<select class="vst-list" name="v_policy_system_protected_admin">
-																<option value='yes'><?=_('yes'); ?></option>
-																<option value='no' <?php if($_SESSION['POLICY_SYSTEM_PROTECTED_ADMIN'] !== 'yes') echo 'selected' ?>><?=_('no'); ?></option>
+																<option value='yes'><?=_('Yes'); ?></option>
+																<option value='no' <?php if($_SESSION['POLICY_SYSTEM_PROTECTED_ADMIN'] !== 'yes') echo 'selected' ?>><?=_('No'); ?></option>
 															</select>
 															<br><br>
 														</td>
@@ -1077,8 +1077,8 @@
 													<tr>
 														<td>
 															<select class="vst-list" name="v_policy_system_hide_admin">
-																<option value='yes'><?=_('yes'); ?></option>
-																<option value='no' <?php if($_SESSION['POLICY_SYSTEM_HIDE_ADMIN'] !== 'yes') echo 'selected' ?>><?=_('no'); ?></option>
+																<option value='yes'><?=_('Yes'); ?></option>
+																<option value='no' <?php if($_SESSION['POLICY_SYSTEM_HIDE_ADMIN'] !== 'yes') echo 'selected' ?>><?=_('No'); ?></option>
 															</select>
 															<br><br>
 														</td>
@@ -1091,8 +1091,8 @@
 													<tr>
 														<td>
 															<select class="vst-list" name="v_policy_system_hide_services">
-																<option value='yes'><?=_('yes'); ?></option>
-																<option value='no' <?php if($_SESSION['POLICY_SYSTEM_HIDE_SERVICES'] !== 'yes') echo 'selected' ?>><?=_('no'); ?></option>
+																<option value='yes'><?=_('Yes'); ?></option>
+																<option value='no' <?php if($_SESSION['POLICY_SYSTEM_HIDE_SERVICES'] !== 'yes') echo 'selected' ?>><?=_('No'); ?></option>
 															</select>
 															<br><br>
 														</td>
@@ -1124,8 +1124,8 @@
 												<tr>
 													<td>
 														<select class="vst-list" name="v_policy_user_view_suspended">
-															<option value='yes' <?php if($_SESSION['POLICY_USER_VIEW_SUSPENDED'] !== 'no') echo 'selected' ?>><?=_('yes'); ?></option>
-															<option value='no' <?php if($_SESSION['POLICY_USER_VIEW_SUSPENDED'] == 'no') echo 'selected' ?>><?=_('no'); ?></option>
+															<option value='yes' <?php if($_SESSION['POLICY_USER_VIEW_SUSPENDED'] !== 'no') echo 'selected' ?>><?=_('Yes'); ?></option>
+															<option value='no' <?php if($_SESSION['POLICY_USER_VIEW_SUSPENDED'] == 'no') echo 'selected' ?>><?=_('No'); ?></option>
 														</select>
 														<br><br>
 													</td>
@@ -1139,8 +1139,8 @@
 												<tr>
 													<td>
 														<select class="vst-list" name="v_policy_user_edit_details">
-															<option value='yes' <?php if($_SESSION['POLICY_USER_EDIT_DETAILS'] !== 'no') echo 'selected' ?>><?=_('yes'); ?></option>
-															<option value='no' <?php if($_SESSION['POLICY_USER_EDIT_DETAILS'] == 'no') echo 'selected' ?>><?=_('no'); ?></option>
+															<option value='yes' <?php if($_SESSION['POLICY_USER_EDIT_DETAILS'] !== 'no') echo 'selected' ?>><?=_('Yes'); ?></option>
+															<option value='no' <?php if($_SESSION['POLICY_USER_EDIT_DETAILS'] == 'no') echo 'selected' ?>><?=_('No'); ?></option>
 														</select>
 														<br><br>
 													</td>
@@ -1153,8 +1153,8 @@
 												<tr>
 													<td>
 														<select class="vst-list" name="v_policy_user_edit_web_templates">
-															<option value='yes' <?php if($_SESSION['POLICY_USER_EDIT_WEB_TEMPLATES'] !== 'no') echo 'selected' ?>><?=_('yes'); ?></option>
-															<option value='no' <?php if($_SESSION['POLICY_USER_EDIT_WEB_TEMPLATES'] == 'no') echo 'selected' ?>><?=_('no'); ?></option>
+															<option value='yes' <?php if($_SESSION['POLICY_USER_EDIT_WEB_TEMPLATES'] !== 'no') echo 'selected' ?>><?=_('Yes'); ?></option>
+															<option value='no' <?php if($_SESSION['POLICY_USER_EDIT_WEB_TEMPLATES'] == 'no') echo 'selected' ?>><?=_('No'); ?></option>
 														</select>
 														<br><br>
 													</td>
@@ -1167,8 +1167,8 @@
 												<tr>
 													<td>
 														<select class="vst-list" name="v_policy_user_edit_dns_templates">
-															<option value='yes' <?php if($_SESSION['POLICY_USER_EDIT_DNS_TEMPLATES'] !== 'no') echo 'selected' ?>><?=_('yes'); ?></option>
-															<option value='no' <?php if($_SESSION['POLICY_USER_EDIT_DNS_TEMPLATES'] == 'no') echo 'selected' ?>><?=_('no'); ?></option>
+															<option value='yes' <?php if($_SESSION['POLICY_USER_EDIT_DNS_TEMPLATES'] !== 'no') echo 'selected' ?>><?=_('Yes'); ?></option>
+															<option value='no' <?php if($_SESSION['POLICY_USER_EDIT_DNS_TEMPLATES'] == 'no') echo 'selected' ?>><?=_('No'); ?></option>
 														</select>
 														<br><br>
 													</td>
@@ -1181,8 +1181,8 @@
 												<tr>
 													<td>
 														<select class="vst-list" name="v_policy_user_view_logs">
-															<option value='yes' <?php if($_SESSION['POLICY_USER_VIEW_LOGS'] !== 'no') echo 'selected' ?>><?=_('yes'); ?></option>
-															<option value='no' <?php if($_SESSION['POLICY_USER_VIEW_LOGS'] == 'no') echo 'selected' ?>><?=_('no'); ?></option>
+															<option value='yes' <?php if($_SESSION['POLICY_USER_VIEW_LOGS'] !== 'no') echo 'selected' ?>><?=_('Yes'); ?></option>
+															<option value='no' <?php if($_SESSION['POLICY_USER_VIEW_LOGS'] == 'no') echo 'selected' ?>><?=_('No'); ?></option>
 														</select>
 														<br><br>
 													</td>
@@ -1195,8 +1195,8 @@
 												<tr>
 													<td>
 														<select class="vst-list" name="v_policy_user_delete_logs">
-															<option value='yes' <?php if($_SESSION['POLICY_USER_DELETE_LOGS'] !== 'no') echo 'selected' ?>><?=_('yes'); ?></option>
-															<option value='no' <?php if($_SESSION['POLICY_USER_DELETE_LOGS'] == 'no') echo 'selected' ?>><?=_('no'); ?></option>
+															<option value='yes' <?php if($_SESSION['POLICY_USER_DELETE_LOGS'] !== 'no') echo 'selected' ?>><?=_('Yes'); ?></option>
+															<option value='no' <?php if($_SESSION['POLICY_USER_DELETE_LOGS'] == 'no') echo 'selected' ?>><?=_('No'); ?></option>
 														</select>
 														<br><br>
 													</td>
@@ -1214,8 +1214,8 @@
 												<tr>
 													<td>
 														<select class="vst-list" name="v_enforce_subdomain_ownership">
-															<option value='yes'><?=_('yes'); ?></option>
-															<option value='no' <?php if($_SESSION['ENFORCE_SUBDOMAIN_OWNERSHIP'] == 'no') echo 'selected' ?>><?=_('no'); ?></option>
+															<option value='yes'><?=_('Yes'); ?></option>
+															<option value='no' <?php if($_SESSION['ENFORCE_SUBDOMAIN_OWNERSHIP'] == 'no') echo 'selected' ?>><?=_('No'); ?></option>
 														</select>
 													</td>
 												</tr>
@@ -1248,8 +1248,8 @@
 									<tr>
 										<td>
 											<select class="vst-list" name="v_plugin_app_installer">
-												<option value='false'><?=_('no'); ?></option>
-												<option value='true' <?php if($_SESSION['PLUGIN_APP_INSTALLER'] == 'true') echo 'selected' ?>><?=_('yes'); ?></option>
+												<option value='false'><?=_('No'); ?></option>
+												<option value='true' <?php if($_SESSION['PLUGIN_APP_INSTALLER'] == 'true') echo 'selected' ?>><?=_('Yes'); ?></option>
 											</select>
 											<br><br>
 										</td>
@@ -1262,8 +1262,8 @@
 									<tr>
 										<td>
 											<select class="vst-list" name="v_filemanager">
-												<option value='false'><?=_('no'); ?></option>
-												<option value='true' <?php if($_SESSION['FILE_MANAGER'] == 'true') echo 'selected' ?>><?=_('yes'); ?></option>
+												<option value='false'><?=_('No'); ?></option>
+												<option value='true' <?php if($_SESSION['FILE_MANAGER'] == 'true') echo 'selected' ?>><?=_('Yes'); ?></option>
 											</select>
 											<br><br>
 										</td>
@@ -1276,8 +1276,8 @@
 									<tr>
 										<td>
 											<select class="vst-list" name="v_quota">
-												<option value='no'><?=_('no'); ?></option>
-												<option value='yes' <?php if($_SESSION['DISK_QUOTA'] == 'yes') echo 'selected' ?>><?=_('yes'); ?></option>
+												<option value='no'><?=_('No'); ?></option>
+												<option value='yes' <?php if($_SESSION['DISK_QUOTA'] == 'yes') echo 'selected' ?>><?=_('Yes'); ?></option>
 											</select>
 											<br><br>
 										</td>
@@ -1290,8 +1290,8 @@
 									<tr>
 										<td>
 											<select class="vst-list" name="v_firewall">
-												<option value='no'><?=_('no'); ?></option>
-												<option value='yes' <?php if($_SESSION['FIREWALL_SYSTEM'] == 'iptables') echo 'selected' ?>><?=_('yes'); ?></option>
+												<option value='no'><?=_('No'); ?></option>
+												<option value='yes' <?php if($_SESSION['FIREWALL_SYSTEM'] == 'iptables') echo 'selected' ?>><?=_('Yes'); ?></option>
 											</select>
 											<br><br>
 										</td>

web/templates/pages/edit_web.html

@@ -392,7 +392,7 @@
 										<?php if($_SESSION['WEB_SYSTEM'] == 'nginx'){?>
 											<tr>
 												<td class="vst-text">
-													<label><input type="checkbox" size="20" class="vst-checkbox" name="v_nginx_cache_check" <?php if ($v_nginx_cache == 'yes') echo "checked=yes" ?> onclick="javascript:elementHideShow('v_nginx_duration');"><?=_('Enable FastCGI Cache'); ?> <a href="https://docs.hestiacp.com/admin_docs/nginx_caching.html" target="_blank"><i class="fas fa-question-circle"></i></a></label>
+													<label><input type="checkbox" size="20" class="vst-checkbox" name="v_nginx_cache_check" <?php if ($v_nginx_cache == 'yes') echo "checked=yes" ?> onclick="javascript:elementHideShow('v_nginx_duration');"><?=_('Enable FastCGI Cache'); ?> <a href="https://docs.hestiacp.com/admin_docs/web/fastcgi.html#nginx-fastcgi-cache" target="_blank"><i class="fas fa-question-circle"></i></a></label>
 												</td>
 											</tr>
 											<tr>