With letsencrypt=1 enabled globally, you might want to deny access to LetsEncrypt for specific Users. With this change, you can do so by adding: letsencrypt=0 to their user.conf at: /usr/local/directadmin/data/users/username/user.conf and if present in the user.conf, it will override the loaded global value. Note that this only applies to the interface, and does not affect background/dataskq actions. So this will not work to globally have it shut off, if you're trying to enable it for 1 User, for example. The background checks must have it enabled globally to work. This is a very crude implementation and does nothing more than shut off the letsencrypt options in the interface for this User. It will also block any LE requests made by the User, since it will appear to be shut off for any call to CMD_SSL or CMD_API_SSL.