diff --git a/admin_customers.php b/admin_customers.php
index 39ee45e0..87c7f0d4 100644
--- a/admin_customers.php
+++ b/admin_customers.php
@@ -809,7 +809,7 @@ if ($page == 'customers'
 							'customerid' => $customerid,
 							'groupname' => $loginname,
 							'guid' => $guid,
-							'members' => $loginname
+							'members' => $loginname.','.$settings['system']['httpuser']
 					);
 					Database::pexecute($ins_stmt, $ins_data);
 					// FTP-Quotatallies
diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php
index 330e326d..39f24133 100644
--- a/install/updates/froxlor/0.9/update_0.9.inc.php
+++ b/install/updates/froxlor/0.9/update_0.9.inc.php
@@ -2537,7 +2537,7 @@ if (isFroxlorVersion('0.9.31-rc1')) {
 
 if (isFroxlorVersion('0.9.31-rc2')) {
 
-	showUpdateStep("Updating from 0.9.31-rc1 to 0.9.31-rc99");
+	showUpdateStep("Updating from 0.9.31-rc2 to 0.9.31-rc99");
 	lastStepStatus(0);
 
 	showUpdateStep("Removing APS-module (deprecated)");
@@ -2582,5 +2582,9 @@ if (isFroxlorVersion('0.9.31-rc2')) {
 	Database::query("DROP TABLE IF EXISTS `mail_autoresponder`;");
 	lastStepStatus(0);
 
+	showUpdateStep("Updating ftp-groups entries");
+	Database::query("UPDATE `".TABLE_FTP_GROUPS."` SET `members` = CONCAT(`members`, ',".$settings['system']['httpuser']."');");
+	lastStepStatus(0);
+
 	updateToVersion('0.9.31-rc99');
 }
diff --git a/scripts/jobs/cron_tasks.php b/scripts/jobs/cron_tasks.php
index 4bbd991f..2ec26564 100644
--- a/scripts/jobs/cron_tasks.php
+++ b/scripts/jobs/cron_tasks.php
@@ -143,6 +143,8 @@ while ($row = $result_tasks_stmt->fetch(PDO::FETCH_ASSOC)) {
 
 			$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Running: chown -R ' . (int)$row['data']['uid'] . ':' . (int)$row['data']['gid'] . ' ' . escapeshellarg($userhomedir));
 			safe_exec('chown -R ' . (int)$row['data']['uid'] . ':' . (int)$row['data']['gid'] . ' ' . escapeshellarg($userhomedir));
+			// don't allow others to access the directory (webserver will be in the users' group)
+			safe_exec('chmod 0750 ' . escapeshellarg($userhomedir));
 			$cronlog->logAction(CRON_ACTION, LOG_NOTICE, 'Running: chown -R ' . (int)$settings['system']['vmail_uid'] . ':' . (int)$settings['system']['vmail_gid'] . ' ' . escapeshellarg($usermaildir));
 			safe_exec('chown -R ' . (int)$settings['system']['vmail_uid'] . ':' . (int)$settings['system']['vmail_gid'] . ' ' . escapeshellarg($usermaildir));
 		}