gitlabFork/ISPConfig3.git - Solinfo Gitblit

parent: 10b47cce | patch | commit | ignore whitespace

- Changed regex for redirect path (Web sites, subdomains, vhost subdomains,...

ftimme

2013-01-16 08cc7f673c377bf88897743e340097e93f1e95f4

- Changed regex for redirect path (Web sites, subdomains, vhost subdomains, alias domains) and web folder (vhost subdomains) so that ".." is not allowed (in order to prevent path traversals).
- nginx: don't allow folders for proxy redirects (subdomains and alias domains); URL is required.
- nginx: modified rewriting.

13 files modified

	interface/web/sites/form/web_aliasdomain.tform.php	2 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/form/web_domain.tform.php	2 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/form/web_subdomain.tform.php	2 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/form/web_vhost_subdomain.tform.php	4 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/de.lng	1 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/de_web_subdomain.lng	1 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/en.lng	1 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/lib/lang/en_web_subdomain.lng	1 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/web_aliasdomain_edit.php	5 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/web_domain_edit.php	5 ●●●●● patch \| view \| raw \| blame \| history
	interface/web/sites/web_subdomain_edit.php	5 ●●●●● patch \| view \| raw \| blame \| history
	server/conf/nginx_vhost.conf.master	11 ●●●●● patch \| view \| raw \| blame \| history
	server/plugins-available/nginx_plugin.inc.php	151 ●●●●● patch \| view \| raw \| blame \| history

 interface/web/sites/form/web_aliasdomain.tform.php

@@ -122,7 +122,7 @@
            'datatype'    => 'VARCHAR',
            'formtype'    => 'TEXT',
            'validators'    => array (     0 => array (    'type'    => 'REGEX',
                                                        'regex' => '@^(([\.]{0})|((ftp|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(/[\w/_\.\-]{1,255}/))$@',
                                                        'regex' => '@^(([\.]{0})|((ftp|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(/(?!.*\.\.)[\w/_\.\-]{1,255}/))$@',
                                                        'errmsg'=> 'redirect_error_regex'),
                                    ),
            'default'    => '',

 interface/web/sites/form/web_domain.tform.php

@@ -297,7 +297,7 @@
        'redirect_path' => array (
            'datatype'    => 'VARCHAR',
            'validators'    => array (     0 => array (    'type'    => 'REGEX',
                                                        'regex' => '@^(([\.]{0})|((ftp|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\,\-\+\?\~!:%]*(\?\S+)?)?)?)|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(/[\w/_\.\-]{1,255}/))$@',
                                                        'regex' => '@^(([\.]{0})|((ftp|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\,\-\+\?\~!:%]*(\?\S+)?)?)?)|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(/(?!.*\.\.)[\w/_\.\-]{1,255}/))$@',
                                                        'errmsg'=> 'redirect_error_regex'),
                                    ),
            'formtype'    => 'TEXT',

 interface/web/sites/form/web_subdomain.tform.php

@@ -123,7 +123,7 @@
            'datatype'    => 'VARCHAR',
            'formtype'    => 'TEXT',
            'validators'    => array (     0 => array (    'type'    => 'REGEX',
                                                        'regex' => '@^(([\.]{0})|((ftp|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(/[\w/_\.\-]{1,255}/))$@',
                                                        'regex' => '@^(([\.]{0})|((ftp|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(/(?!.*\.\.)[\w/_\.\-]{1,255}/))$@',
                                                        'errmsg'=> 'redirect_error_regex'),
                                    ),
            'default'    => '',

 interface/web/sites/form/web_vhost_subdomain.tform.php

@@ -149,7 +149,7 @@
        'web_folder' => array (
            'datatype'    => 'VARCHAR',
            'validators'    => array (     0 => array (    'type'    => 'REGEX',
                                                        'regex' => '@^([\w/_\.\-]{1,100})$@',
                                                        'regex' => '@^((?!.*\.\.)[\w/_\.\-]{1,100})$@',
                                                        'errmsg'=> 'web_folder_error_regex'),
                                    ),
            'formtype'    => 'TEXT',
@@ -296,7 +296,7 @@
        'redirect_path' => array (
            'datatype'    => 'VARCHAR',
            'validators'    => array (     0 => array (    'type'    => 'REGEX',
                                                        'regex' => '@^(([\.]{0})|((ftp|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\,\-\+\?\~!:%]*(\?\S+)?)?)?)|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(/[\w/_\.\-]{1,255}/))$@',
                                                        'regex' => '@^(([\.]{0})|((ftp|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\,\-\+\?\~!:%]*(\?\S+)?)?)?)|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%]*(\?\S+)?)?)?)|(/(?!.*\.\.)[\w/_\.\-]{1,255}/))$@',
                                                        'errmsg'=> 'redirect_error_regex'),
                                    ),
            'formtype'    => 'TEXT',

 interface/web/sites/lib/lang/de.lng

@@ -30,4 +30,5 @@
$wb['Available packages'] = 'Verfügbare Pakete';
$wb['Installed packages'] = 'Installierte Pakete';
$wb['Update Packagelist'] = 'Paketliste aktualisieren';
$wb['error_proxy_requires_url'] = 'Weiterleitungstyp "proxy" erfordert eine URL als Weiterleitungspfad.';
?>

 interface/web/sites/lib/lang/de_web_subdomain.lng

@@ -42,4 +42,5 @@
$wb['no_flag_txt'] = 'Kein Flag';
$wb['proxy_directives_txt'] = 'Proxy Direktiven';
$wb['available_proxy_directive_snippets_txt'] = 'Verfügbare Proxy Direktiven Schnipsel:';
$wb['error_proxy_requires_url'] = 'Weiterleitungstyp "proxy" erfordert eine URL als Weiterleitungspfad.';
?>

 interface/web/sites/lib/lang/en.lng

@@ -31,4 +31,5 @@
$wb['Installed packages'] = 'Installed packages';
$wb['Update Packagelist'] = 'Update Packagelist';
$wb['Subdomain (Vhost)'] = 'Subdomain (Vhost)';
$wb['error_proxy_requires_url'] = 'Redirect Type "proxy" requires a URL as the redirect path.';
?>

 interface/web/sites/lib/lang/en_web_subdomain.lng

@@ -42,4 +42,5 @@
$wb['no_flag_txt'] = 'No flag';
$wb['proxy_directives_txt'] = 'Proxy Directives';
$wb['available_proxy_directive_snippets_txt'] = 'Available Proxy Directive Snippets:';
$wb['error_proxy_requires_url'] = 'Redirect Type "proxy" requires a URL as the redirect path.';
?>

 interface/web/sites/web_aliasdomain_edit.php

@@ -136,6 +136,11 @@
                $this->dataRecord['domain'] = $domain_check;
            }
        }
		
        // nginx: if redirect type is proxy and redirect path is no URL, display error
        if($this->dataRecord["redirect_type"] == 'proxy' && substr($this->dataRecord['redirect_path'],0,1) == '/'){
            $app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url")."<br />";
        }
        
        // Get the record of the parent domain
        $parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".$app->functions->intval(@$this->dataRecord["parent_domain_id"]));

 interface/web/sites/web_domain_edit.php

@@ -474,6 +474,11 @@
                }
            }
        }
		
        // nginx: if redirect type is proxy and redirect path is no URL, display error
        //if($this->dataRecord["redirect_type"] == 'proxy' && substr($this->dataRecord['redirect_path'],0,1) == '/'){
        //    $app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url")."<br />";
        //}

        // Set a few fixed values
        $this->dataRecord["parent_domain_id"] = 0;

 interface/web/sites/web_subdomain_edit.php

@@ -147,6 +147,11 @@
        } else {
            $this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
        }
		
        // nginx: if redirect type is proxy and redirect path is no URL, display error
        if($this->dataRecord["redirect_type"] == 'proxy' && substr($this->dataRecord['redirect_path'],0,1) == '/'){
            $app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url")."<br />";
        }
        
        // Set a few fixed values
        $this->dataRecord["type"] = 'subdomain';

 server/conf/nginx_vhost.conf.master

@@ -27,15 +27,20 @@
            rewrite ^ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent;
        }
</tmpl_loop>
<tmpl_loop name="local_redirects">
        if ($http_host <tmpl_var name='local_redirect_operator'> "<tmpl_var name='local_redirect_origin_domain'>") {
            rewrite ^<tmpl_var name='local_redirect_exclude'>(.*)$ <tmpl_var name='local_redirect_target'>$2 <tmpl_var name='local_redirect_type'>;
        }
</tmpl_loop>

<tmpl_loop name="own_redirects">
<tmpl_if name='use_rewrite'>
        rewrite ^<tmpl_var name='rewrite_exclude'>(.*)$ <tmpl_var name='rewrite_target'>$2 <tmpl_var name='rewrite_type'>;
        <tmpl_if name='exclude_own_hostname'>if ($http_host != "<tmpl_var name='exclude_own_hostname'>") { </tmpl_if>rewrite ^<tmpl_var name='rewrite_exclude'>(.*)$ <tmpl_var name='rewrite_target'>$2 <tmpl_var name='rewrite_type'>;<tmpl_if name='exclude_own_hostname'> }</tmpl_if>
</tmpl_if>
<tmpl_if name='use_proxy'>
        location / {
            proxy_pass <tmpl_var name='rewrite_target'>;
            rewrite ^/<tmpl_var name='rewrite_subdir'>/(.*) /$1;
            <tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
<tmpl_loop name="proxy_directives">
        <tmpl_var name='proxy_directive'>
</tmpl_loop>
@@ -212,7 +217,7 @@
<tmpl_if name='use_proxy'>
        location / {
            proxy_pass <tmpl_var name='rewrite_target'>;
            rewrite ^/<tmpl_var name='rewrite_subdir'>/(.*) /$1;
            <tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
<tmpl_loop name="proxy_directives">
        <tmpl_var name='proxy_directive'>
</tmpl_loop>

 server/plugins-available/nginx_plugin.inc.php

@@ -982,6 +982,7 @@
        // Rewrite rules
        $own_rewrite_rules = array();
        $rewrite_rules = array();
        $local_rewrite_rules = array();
        if($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
            if(substr($data['new']['redirect_path'],-1) != '/') $data['new']['redirect_path'] .= '/';
            if(substr($data['new']['redirect_path'],0,8) == '[scheme]'){
@@ -1011,6 +1012,7 @@

            switch($data['new']['subdomain']) {
                case 'www':
                    $exclude_own_hostname = '';
                    if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
                        if($data['new']['redirect_type'] == 'proxy'){
                            $vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
@@ -1033,6 +1035,7 @@
                                break;
                            } else {
                                $rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
                                $exclude_own_hostname = $tmp_redirect_path_parts['host'];
                            }
                        } else {
                            // external URL
@@ -1041,7 +1044,8 @@
                                $vhost_data['use_proxy'] = 'y';
                                $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
                                if($rewrite_subdir == '/') $rewrite_subdir = '';
                            }
                        }
                        unset($tmp_redirect_path);
@@ -1052,11 +1056,13 @@
                        'rewrite_target'     => $data['new']['redirect_path'],
                        'rewrite_exclude'    => $rewrite_exclude,
                        'rewrite_subdir'    => $rewrite_subdir,
                        'exclude_own_hostname' => $exclude_own_hostname,
                        'proxy_directives'    => $final_proxy_directives,
                        'use_rewrite'    => ($data['new']['redirect_type'] == 'proxy' ? false:true),
                        'use_proxy'    => ($data['new']['redirect_type'] == 'proxy' ? true:false));
                    break;
                case '*':
                    $exclude_own_hostname = '';
                    if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
                        if($data['new']['redirect_type'] == 'proxy'){
                            $vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
@@ -1081,6 +1087,7 @@
                                break;
                            } else {
                                $rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
                                $exclude_own_hostname = $tmp_redirect_path_parts['host'];
                            }
                        } else {
                            // external URL
@@ -1089,7 +1096,8 @@
                                $vhost_data['use_proxy'] = 'y';
                                $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
                                if($rewrite_subdir == '/') $rewrite_subdir = '';
                            }
                        }
                        unset($tmp_redirect_path);
@@ -1100,12 +1108,14 @@
                        'rewrite_target'     => $data['new']['redirect_path'],
                        'rewrite_exclude'    => $rewrite_exclude,
                        'rewrite_subdir'    => $rewrite_subdir,
                        'exclude_own_hostname' => $exclude_own_hostname,
                        'proxy_directives'    => $final_proxy_directives,
                        'use_rewrite'    => ($data['new']['redirect_type'] == 'proxy' ? false:true),
                        'use_proxy'    => ($data['new']['redirect_type'] == 'proxy' ? true:false));
                    break;
                default:
                    if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
                        $exclude_own_hostname = '';
                        if($data['new']['redirect_type'] == 'proxy'){
                            $vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
                            $vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'],0,-1);
@@ -1127,6 +1137,7 @@
                                break;
                            } else {
                                $rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
                                $exclude_own_hostname = $tmp_redirect_path_parts['host'];
                            }
                        } else {
                            // external URL
@@ -1135,7 +1146,8 @@
                                $vhost_data['use_proxy'] = 'y';
                                $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
                                if($rewrite_subdir == '/') $rewrite_subdir = '';
                            }
                        }
                        unset($tmp_redirect_path);
@@ -1146,6 +1158,7 @@
                        'rewrite_target'     => $data['new']['redirect_path'],
                        'rewrite_exclude'    => $rewrite_exclude,
                        'rewrite_subdir'    => $rewrite_subdir,
                        'exclude_own_hostname' => $exclude_own_hostname,
                        'proxy_directives'    => $final_proxy_directives,
                        'use_rewrite'    => ($data['new']['redirect_type'] == 'proxy' ? false:true),
                        'use_proxy'    => ($data['new']['redirect_type'] == 'proxy' ? true:false));
@@ -1202,7 +1215,7 @@
                    $final_proxy_directives = false;
                }
            
                if($alias['redirect_type'] == '' || $alias['redirect_path'] == '') {
                if($alias['redirect_type'] == '' || $alias['redirect_path'] == '' || substr($alias['redirect_path'],0,1) == '/') {
                    switch($alias['subdomain']) {
                        case 'www':
                            $server_alias[] = 'www.'.$alias['domain'].' '.$alias['domain'].' ';
@@ -1225,8 +1238,44 @@
                    }
                }
                
                // Rewriting
                if($alias['redirect_type'] != '' && $alias['redirect_path'] != '') {
                // Local Rewriting (inside vhost server {} container)
                if($alias['redirect_type'] != '' && substr($alias['redirect_path'],0,1) == '/' && $alias['redirect_type'] != 'proxy') {  // proxy makes no sense with local path
                    if(substr($alias['redirect_path'],-1) != '/') $alias['redirect_path'] .= '/';
                    $rewrite_exclude = '(?!/\b('.substr($alias['redirect_path'],1,-1).(substr($alias['redirect_path'],1,-1) != ''? '|': '').'stats'.($vhost_data['errordocs'] == 1 ? '|error' : '').')\b)/';
                    switch($alias['subdomain']) {
                        case 'www':
                            // example.com
                            $local_rewrite_rules[] = array(    'local_redirect_origin_domain'     => $alias['domain'],
                                'local_redirect_operator'    => '=',
                                'local_redirect_exclude' => $rewrite_exclude,
                                'local_redirect_target' => $alias['redirect_path'],
                                'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);

                            // www.example.com
                            $local_rewrite_rules[] = array(    'local_redirect_origin_domain'     => 'www.'.$alias['domain'],
                                'local_redirect_operator'    => '=',
                                'local_redirect_exclude' => $rewrite_exclude,
                                'local_redirect_target' => $alias['redirect_path'],
                                'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
                            break;
                        case '*':
                            $local_rewrite_rules[] = array(    'local_redirect_origin_domain'     => '^('.str_replace('.', '\.', $alias['domain']).'|.+\.'.str_replace('.', '\.', $alias['domain']).')$',
                                'local_redirect_operator'    => '~*',
                                'local_redirect_exclude' => $rewrite_exclude,
                                'local_redirect_target' => $alias['redirect_path'],
                                'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
                            break;
                        default:
                            $local_rewrite_rules[] = array(    'local_redirect_origin_domain'     => $alias['domain'],
                                'local_redirect_operator'    => '=',
                                'local_redirect_exclude' => $rewrite_exclude,
                                'local_redirect_target' => $alias['redirect_path'],
                                'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
                    }
                }
				
                // External Rewriting (extra server {} containers)
                if($alias['redirect_type'] != '' && $alias['redirect_path'] != '' && substr($alias['redirect_path'],0,1) != '/') {
                    if(substr($alias['redirect_path'],-1) != '/') $alias['redirect_path'] .= '/';
                    if(substr($alias['redirect_path'],0,8) == '[scheme]'){
                        if($alias['redirect_type'] != 'proxy'){
@@ -1238,21 +1287,15 @@
                    
                    switch($alias['subdomain']) {
                        case 'www':
                            if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
                                if($alias['redirect_type'] == 'proxy'){
                                    $rewrite_subdir = substr($alias['redirect_path'],1);
                                    if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                }
                                $alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
                            } else {
                                if($alias['redirect_type'] == 'proxy'){
                                    $tmp_redirect_path = $alias['redirect_path'];
                                    $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
                                    $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                    if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                    if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                }
                            if($alias['redirect_type'] == 'proxy'){
                                $tmp_redirect_path = $alias['redirect_path'];
                                $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
                                $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
                                if($rewrite_subdir == '/') $rewrite_subdir = '';
                            }
							
                            if($alias['redirect_type'] != 'proxy'){
                                if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
                            }
@@ -1272,26 +1315,7 @@
                                'use_rewrite'    => ($alias['redirect_type'] == 'proxy' ? false:true),
                                'use_proxy'    => ($alias['redirect_type'] == 'proxy' ? true:false),
                                'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
								
								
                            if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
                                if($alias['redirect_type'] == 'proxy'){
                                    $rewrite_subdir = substr($alias['redirect_path'],1);
                                    if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                }
                                $alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
                            } else {
                                if($alias['redirect_type'] == 'proxy'){
                                    $tmp_redirect_path = $alias['redirect_path'];
                                    $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
                                    $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                    if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                    if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                }
                            }
                            if($alias['redirect_type'] != 'proxy'){
                                if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
                            }

                            // Add SEO redirects for alias domains
                            $alias_seo_redirects2 = array();
                            if($alias['seo_redirect'] != ''){
@@ -1310,21 +1334,15 @@
                                'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
                            break;
                        case '*':
                            if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
                                if($alias['redirect_type'] == 'proxy'){
                                    $rewrite_subdir = substr($alias['redirect_path'],1);
                                    if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                }
                                $alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
                            } else {
                                if($alias['redirect_type'] == 'proxy'){
                                    $tmp_redirect_path = $alias['redirect_path'];
                                    $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
                                    $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                    if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                    if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                }
                            if($alias['redirect_type'] == 'proxy'){
                                $tmp_redirect_path = $alias['redirect_path'];
                                $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
                                $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
                                if($rewrite_subdir == '/') $rewrite_subdir = '';
                            }
							
                            if($alias['redirect_type'] != 'proxy'){
                                if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
                            }
@@ -1346,21 +1364,15 @@
                                'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
                            break;
                        default:
                            if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
                                if($alias['redirect_type'] == 'proxy'){
                                    $rewrite_subdir = substr($alias['redirect_path'],1);
                                    if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                }
                                $alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
                            } else {
                                if($alias['redirect_type'] == 'proxy'){
                                    $tmp_redirect_path = $alias['redirect_path'];
                                    $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
                                    $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                    if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                    if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
                                }
                            if($alias['redirect_type'] == 'proxy'){
                                $tmp_redirect_path = $alias['redirect_path'];
                                $tmp_redirect_path_parts = parse_url($tmp_redirect_path);
                                $rewrite_subdir = $tmp_redirect_path_parts['path'];
                                if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
                                if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
                                if($rewrite_subdir == '/') $rewrite_subdir = '';
                            }
							
                            if($alias['redirect_type'] != 'proxy'){
                                if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
                            }
@@ -1412,6 +1424,9 @@
        if(count($own_rewrite_rules) > 0) {
            $tpl->setLoop('own_redirects',$own_rewrite_rules);
        }
        if(count($local_rewrite_rules) > 0) {
            $tpl->setLoop('local_redirects',$local_rewrite_rules);
        }
        if(count($alias_seo_redirects) > 0) {
            $tpl->setLoop('alias_seo_redirects',$alias_seo_redirects);
        }

			@@ -122,7 +122,7 @@
			'datatype' => 'VARCHAR',
			'formtype' => 'TEXT',
			'validators' => array ( 0 => array ( 'type' => 'REGEX',
			'regex' => '@^(([\.]{0})\|((ftp\|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(/[\w/_\.\-]{1,255}/))$@',
			'regex' => '@^(([\.]{0})\|((ftp\|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(/(?!.*\.\.)[\w/_\.\-]{1,255}/))$@',
			'errmsg'=> 'redirect_error_regex'),
			),
			'default' => '',

			@@ -297,7 +297,7 @@
			'redirect_path' => array (
			'datatype' => 'VARCHAR',
			'validators' => array ( 0 => array ( 'type' => 'REGEX',
			'regex' => '@^(([\.]{0})\|((ftp\|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\,\-\+\?\~!:%](\?\S+)?)?)?)\|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(/[\w/_\.\-]{1,255}/))$@',
			'regex' => '@^(([\.]{0})\|((ftp\|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\,\-\+\?\~!:%](\?\S+)?)?)?)\|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(/(?!.*\.\.)[\w/_\.\-]{1,255}/))$@',
			'errmsg'=> 'redirect_error_regex'),
			),
			'formtype' => 'TEXT',

			@@ -123,7 +123,7 @@
			'datatype' => 'VARCHAR',
			'formtype' => 'TEXT',
			'validators' => array ( 0 => array ( 'type' => 'REGEX',
			'regex' => '@^(([\.]{0})\|((ftp\|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(/[\w/_\.\-]{1,255}/))$@',
			'regex' => '@^(([\.]{0})\|((ftp\|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(/(?!.*\.\.)[\w/_\.\-]{1,255}/))$@',
			'errmsg'=> 'redirect_error_regex'),
			),
			'default' => '',

			@@ -149,7 +149,7 @@
			'web_folder' => array (
			'datatype' => 'VARCHAR',
			'validators' => array ( 0 => array ( 'type' => 'REGEX',
			'regex' => '@^([\w/_\.\-]{1,100})$@',
			'regex' => '@^((?!.*\.\.)[\w/_\.\-]{1,100})$@',
			'errmsg'=> 'web_folder_error_regex'),
			),
			'formtype' => 'TEXT',
			@@ -296,7 +296,7 @@
			'redirect_path' => array (
			'datatype' => 'VARCHAR',
			'validators' => array ( 0 => array ( 'type' => 'REGEX',
			'regex' => '@^(([\.]{0})\|((ftp\|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\,\-\+\?\~!:%](\?\S+)?)?)?)\|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(/[\w/_\.\-]{1,255}/))$@',
			'regex' => '@^(([\.]{0})\|((ftp\|https?)://([-\w\.]+)+(:\d+)?(/([\w/_\.\,\-\+\?\~!:%](\?\S+)?)?)?)\|(\[scheme\]://([-\w\.]+)+(:\d+)?(/([\w/_\.\-\,\+\?\~!:%](\?\S+)?)?)?)\|(/(?!.*\.\.)[\w/_\.\-]{1,255}/))$@',
			'errmsg'=> 'redirect_error_regex'),
			),
			'formtype' => 'TEXT',

			@@ -30,4 +30,5 @@
			$wb['Available packages'] = 'Verfügbare Pakete';
			$wb['Installed packages'] = 'Installierte Pakete';
			$wb['Update Packagelist'] = 'Paketliste aktualisieren';
			$wb['error_proxy_requires_url'] = 'Weiterleitungstyp "proxy" erfordert eine URL als Weiterleitungspfad.';
			?>

			@@ -42,4 +42,5 @@
			$wb['no_flag_txt'] = 'Kein Flag';
			$wb['proxy_directives_txt'] = 'Proxy Direktiven';
			$wb['available_proxy_directive_snippets_txt'] = 'Verfügbare Proxy Direktiven Schnipsel:';
			$wb['error_proxy_requires_url'] = 'Weiterleitungstyp "proxy" erfordert eine URL als Weiterleitungspfad.';
			?>

			@@ -31,4 +31,5 @@
			$wb['Installed packages'] = 'Installed packages';
			$wb['Update Packagelist'] = 'Update Packagelist';
			$wb['Subdomain (Vhost)'] = 'Subdomain (Vhost)';
			$wb['error_proxy_requires_url'] = 'Redirect Type "proxy" requires a URL as the redirect path.';
			?>

			@@ -42,4 +42,5 @@
			$wb['no_flag_txt'] = 'No flag';
			$wb['proxy_directives_txt'] = 'Proxy Directives';
			$wb['available_proxy_directive_snippets_txt'] = 'Available Proxy Directive Snippets:';
			$wb['error_proxy_requires_url'] = 'Redirect Type "proxy" requires a URL as the redirect path.';
			?>

			@@ -136,6 +136,11 @@
			$this->dataRecord['domain'] = $domain_check;
			}
			}

			// nginx: if redirect type is proxy and redirect path is no URL, display error
			if($this->dataRecord["redirect_type"] == 'proxy' && substr($this->dataRecord['redirect_path'],0,1) == '/'){
			$app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url")."<br />";
			}

			// Get the record of the parent domain
			$parent_domain = $app->db->queryOneRecord("select * FROM web_domain WHERE domain_id = ".$app->functions->intval(@$this->dataRecord["parent_domain_id"]));

			@@ -474,6 +474,11 @@
			}
			}
			}

			// nginx: if redirect type is proxy and redirect path is no URL, display error
			//if($this->dataRecord["redirect_type"] == 'proxy' && substr($this->dataRecord['redirect_path'],0,1) == '/'){
			// $app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url")."<br />";
			//}

			// Set a few fixed values
			$this->dataRecord["parent_domain_id"] = 0;

			@@ -147,6 +147,11 @@
			} else {
			$this->dataRecord["domain"] = $this->dataRecord["domain"].'.'.$parent_domain["domain"];
			}

			// nginx: if redirect type is proxy and redirect path is no URL, display error
			if($this->dataRecord["redirect_type"] == 'proxy' && substr($this->dataRecord['redirect_path'],0,1) == '/'){
			$app->tform->errorMessage .= $app->tform->lng("error_proxy_requires_url")."<br />";
			}

			// Set a few fixed values
			$this->dataRecord["type"] = 'subdomain';

			@@ -27,15 +27,20 @@
			rewrite ^ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent;
			}
			</tmpl_loop>
			<tmpl_loop name="local_redirects">
			if ($http_host <tmpl_var name='local_redirect_operator'> "<tmpl_var name='local_redirect_origin_domain'>") {
			rewrite ^<tmpl_var name='local_redirect_exclude'>(.*)$ <tmpl_var name='local_redirect_target'>$2 <tmpl_var name='local_redirect_type'>;
			}
			</tmpl_loop>

			<tmpl_loop name="own_redirects">
			<tmpl_if name='use_rewrite'>
			rewrite ^<tmpl_var name='rewrite_exclude'>(.*)$ <tmpl_var name='rewrite_target'>$2 <tmpl_var name='rewrite_type'>;
			<tmpl_if name='exclude_own_hostname'>if ($http_host != "<tmpl_var name='exclude_own_hostname'>") { </tmpl_if>rewrite ^<tmpl_var name='rewrite_exclude'>(.*)$ <tmpl_var name='rewrite_target'>$2 <tmpl_var name='rewrite_type'>;<tmpl_if name='exclude_own_hostname'> }</tmpl_if>
			</tmpl_if>
			<tmpl_if name='use_proxy'>
			location / {
			proxy_pass <tmpl_var name='rewrite_target'>;
			rewrite ^/<tmpl_var name='rewrite_subdir'>/(.*) /$1;
			<tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
			<tmpl_loop name="proxy_directives">
			<tmpl_var name='proxy_directive'>
			</tmpl_loop>
			@@ -212,7 +217,7 @@
			<tmpl_if name='use_proxy'>
			location / {
			proxy_pass <tmpl_var name='rewrite_target'>;
			rewrite ^/<tmpl_var name='rewrite_subdir'>/(.*) /$1;
			<tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
			<tmpl_loop name="proxy_directives">
			<tmpl_var name='proxy_directive'>
			</tmpl_loop>

			@@ -982,6 +982,7 @@
			// Rewrite rules
			$own_rewrite_rules = array();
			$rewrite_rules = array();
			$local_rewrite_rules = array();
			if($data['new']['redirect_type'] != '' && $data['new']['redirect_path'] != '') {
			if(substr($data['new']['redirect_path'],-1) != '/') $data['new']['redirect_path'] .= '/';
			if(substr($data['new']['redirect_path'],0,8) == '[scheme]'){
			@@ -1011,6 +1012,7 @@

			switch($data['new']['subdomain']) {
			case 'www':
			$exclude_own_hostname = '';
			if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
			if($data['new']['redirect_type'] == 'proxy'){
			$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
			@@ -1033,6 +1035,7 @@
			break;
			} else {
			$rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '\|': '').'stats'.($vhost_data['errordocs'] == 1 ? '\|error' : '').')\b)/';
			$exclude_own_hostname = $tmp_redirect_path_parts['host'];
			}
			} else {
			// external URL
			@@ -1041,7 +1044,8 @@
			$vhost_data['use_proxy'] = 'y';
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}
			}
			unset($tmp_redirect_path);
			@@ -1052,11 +1056,13 @@
			'rewrite_target' => $data['new']['redirect_path'],
			'rewrite_exclude' => $rewrite_exclude,
			'rewrite_subdir' => $rewrite_subdir,
			'exclude_own_hostname' => $exclude_own_hostname,
			'proxy_directives' => $final_proxy_directives,
			'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
			'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
			break;
			case '*':
			$exclude_own_hostname = '';
			if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
			if($data['new']['redirect_type'] == 'proxy'){
			$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
			@@ -1081,6 +1087,7 @@
			break;
			} else {
			$rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '\|': '').'stats'.($vhost_data['errordocs'] == 1 ? '\|error' : '').')\b)/';
			$exclude_own_hostname = $tmp_redirect_path_parts['host'];
			}
			} else {
			// external URL
			@@ -1089,7 +1096,8 @@
			$vhost_data['use_proxy'] = 'y';
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}
			}
			unset($tmp_redirect_path);
			@@ -1100,12 +1108,14 @@
			'rewrite_target' => $data['new']['redirect_path'],
			'rewrite_exclude' => $rewrite_exclude,
			'rewrite_subdir' => $rewrite_subdir,
			'exclude_own_hostname' => $exclude_own_hostname,
			'proxy_directives' => $final_proxy_directives,
			'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
			'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
			break;
			default:
			if(substr($data['new']['redirect_path'],0,1) == '/'){ // relative path
			$exclude_own_hostname = '';
			if($data['new']['redirect_type'] == 'proxy'){
			$vhost_data['web_document_root_www_proxy'] = 'root '.$vhost_data['web_document_root_www'].';';
			$vhost_data['web_document_root_www'] .= substr($data['new']['redirect_path'],0,-1);
			@@ -1127,6 +1137,7 @@
			break;
			} else {
			$rewrite_exclude = '(?!/\b('.substr($tmp_redirect_path_parts['path'],1).(substr($tmp_redirect_path_parts['path'],1) != ''? '\|': '').'stats'.($vhost_data['errordocs'] == 1 ? '\|error' : '').')\b)/';
			$exclude_own_hostname = $tmp_redirect_path_parts['host'];
			}
			} else {
			// external URL
			@@ -1135,7 +1146,8 @@
			$vhost_data['use_proxy'] = 'y';
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}
			}
			unset($tmp_redirect_path);
			@@ -1146,6 +1158,7 @@
			'rewrite_target' => $data['new']['redirect_path'],
			'rewrite_exclude' => $rewrite_exclude,
			'rewrite_subdir' => $rewrite_subdir,
			'exclude_own_hostname' => $exclude_own_hostname,
			'proxy_directives' => $final_proxy_directives,
			'use_rewrite' => ($data['new']['redirect_type'] == 'proxy' ? false:true),
			'use_proxy' => ($data['new']['redirect_type'] == 'proxy' ? true:false));
			@@ -1202,7 +1215,7 @@
			$final_proxy_directives = false;
			}

			if($alias['redirect_type'] == '' \|\| $alias['redirect_path'] == '') {
			if($alias['redirect_type'] == '' \|\| $alias['redirect_path'] == '' \|\| substr($alias['redirect_path'],0,1) == '/') {
			switch($alias['subdomain']) {
			case 'www':
			$server_alias[] = 'www.'.$alias['domain'].' '.$alias['domain'].' ';
			@@ -1225,8 +1238,44 @@
			}
			}

			// Rewriting
			if($alias['redirect_type'] != '' && $alias['redirect_path'] != '') {
			// Local Rewriting (inside vhost server {} container)
			if($alias['redirect_type'] != '' && substr($alias['redirect_path'],0,1) == '/' && $alias['redirect_type'] != 'proxy') { // proxy makes no sense with local path
			if(substr($alias['redirect_path'],-1) != '/') $alias['redirect_path'] .= '/';
			$rewrite_exclude = '(?!/\b('.substr($alias['redirect_path'],1,-1).(substr($alias['redirect_path'],1,-1) != ''? '\|': '').'stats'.($vhost_data['errordocs'] == 1 ? '\|error' : '').')\b)/';
			switch($alias['subdomain']) {
			case 'www':
			// example.com
			$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => $alias['domain'],
			'local_redirect_operator' => '=',
			'local_redirect_exclude' => $rewrite_exclude,
			'local_redirect_target' => $alias['redirect_path'],
			'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);

			// www.example.com
			$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => 'www.'.$alias['domain'],
			'local_redirect_operator' => '=',
			'local_redirect_exclude' => $rewrite_exclude,
			'local_redirect_target' => $alias['redirect_path'],
			'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
			break;
			case '*':
			$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => '^('.str_replace('.', '\.', $alias['domain']).'\|.+\.'.str_replace('.', '\.', $alias['domain']).')$',
			'local_redirect_operator' => '~*',
			'local_redirect_exclude' => $rewrite_exclude,
			'local_redirect_target' => $alias['redirect_path'],
			'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
			break;
			default:
			$local_rewrite_rules[] = array( 'local_redirect_origin_domain' => $alias['domain'],
			'local_redirect_operator' => '=',
			'local_redirect_exclude' => $rewrite_exclude,
			'local_redirect_target' => $alias['redirect_path'],
			'local_redirect_type' => ($alias['redirect_type'] == 'no')?'':$alias['redirect_type']);
			}
			}

			// External Rewriting (extra server {} containers)
			if($alias['redirect_type'] != '' && $alias['redirect_path'] != '' && substr($alias['redirect_path'],0,1) != '/') {
			if(substr($alias['redirect_path'],-1) != '/') $alias['redirect_path'] .= '/';
			if(substr($alias['redirect_path'],0,8) == '[scheme]'){
			if($alias['redirect_type'] != 'proxy'){
			@@ -1238,21 +1287,15 @@

			switch($alias['subdomain']) {
			case 'www':
			if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
			if($alias['redirect_type'] == 'proxy'){
			$rewrite_subdir = substr($alias['redirect_path'],1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			$alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
			} else {
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}

			if($alias['redirect_type'] != 'proxy'){
			if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
			}
			@@ -1272,26 +1315,7 @@
			'use_rewrite' => ($alias['redirect_type'] == 'proxy' ? false:true),
			'use_proxy' => ($alias['redirect_type'] == 'proxy' ? true:false),
			'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));


			if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
			if($alias['redirect_type'] == 'proxy'){
			$rewrite_subdir = substr($alias['redirect_path'],1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			$alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
			} else {
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			}
			if($alias['redirect_type'] != 'proxy'){
			if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
			}

			// Add SEO redirects for alias domains
			$alias_seo_redirects2 = array();
			if($alias['seo_redirect'] != ''){
			@@ -1310,21 +1334,15 @@
			'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
			break;
			case '*':
			if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
			if($alias['redirect_type'] == 'proxy'){
			$rewrite_subdir = substr($alias['redirect_path'],1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			$alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
			} else {
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}

			if($alias['redirect_type'] != 'proxy'){
			if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
			}
			@@ -1346,21 +1364,15 @@
			'alias_seo_redirects2' => (count($alias_seo_redirects2) > 0 ? $alias_seo_redirects2 : false));
			break;
			default:
			if(substr($alias['redirect_path'],0,1) == '/'){ // relative path
			if($alias['redirect_type'] == 'proxy'){
			$rewrite_subdir = substr($alias['redirect_path'],1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			$alias['redirect_path'] = ($alias['redirect_type'] == 'proxy'? 'http' : '$scheme').'://'.($vhost_data['seo_redirect_enabled'] ? $vhost_data['seo_redirect_target_domain'] : $data['new']['domain']).$alias['redirect_path'];
			} else {
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) == '/') $rewrite_subdir = substr($rewrite_subdir,0,-1);
			}
			if($alias['redirect_type'] == 'proxy'){
			$tmp_redirect_path = $alias['redirect_path'];
			$tmp_redirect_path_parts = parse_url($tmp_redirect_path);
			$rewrite_subdir = $tmp_redirect_path_parts['path'];
			if(substr($rewrite_subdir,0,1) == '/') $rewrite_subdir = substr($rewrite_subdir,1);
			if(substr($rewrite_subdir,-1) != '/') $rewrite_subdir .= '/';
			if($rewrite_subdir == '/') $rewrite_subdir = '';
			}

			if($alias['redirect_type'] != 'proxy'){
			if(substr($alias['redirect_path'],-1) == '/') $alias['redirect_path'] = substr($alias['redirect_path'],0,-1);
			}
			@@ -1412,6 +1424,9 @@
			if(count($own_rewrite_rules) > 0) {
			$tpl->setLoop('own_redirects',$own_rewrite_rules);
			}
			if(count($local_rewrite_rules) > 0) {
			$tpl->setLoop('local_redirects',$local_rewrite_rules);
			}
			if(count($alias_seo_redirects) > 0) {
			$tpl->setLoop('alias_seo_redirects',$alias_seo_redirects);
			}