diff --git a/conf/main_ipv4.conf.sample b/conf/main_ipv4.conf.sample
index c876967..78772c1 100644
--- a/conf/main_ipv4.conf.sample
+++ b/conf/main_ipv4.conf.sample
@@ -331,6 +331,19 @@ forward_http_server_ips=""
 http_ports="$standard_http_ports"
+# - LOG CGI script Traffic out
+# -
+log_cgi_traffic_out=false
+
+# - cgi_script_users
+# -
+# - List of CGI script users (suexec user, php-fpm user. ...)
+# -
+# - Blank separated list
+# -
+cgi_script_users=""
+
+
 # - Mattermost (MM) Service
 # -
 mm_server_ips=""
diff --git a/conf/main_ipv6.conf.sample b/conf/main_ipv6.conf.sample
index 1a069a0..08502de 100644
--- a/conf/main_ipv6.conf.sample
+++ b/conf/main_ipv6.conf.sample
@@ -347,6 +347,19 @@ forward_http_server_ips=""
 http_ports="$standard_http_ports"
+# - LOG CGI script Traffic out
+# -
+log_cgi_traffic_out=false
+
+# - cgi_script_users
+# -
+# - List of CGI script users (suexec user, php-fpm user. ...)
+# -
+# - Blank separated list
+# -
+cgi_script_users=""
+
+
 # - Mattermost (MM) Service
 # -
 mm_server_ips=""
diff --git a/conf/post_decalrations.conf b/conf/post_decalrations.conf
index 85f45ab..935adbd 100644
--- a/conf/post_decalrations.conf
+++ b/conf/post_decalrations.conf
@@ -45,6 +45,16 @@ for _ip in $log_ips ; do
 log_ip_arr+=("$_ip")
 done
+
+# ---
+# - LOG CGI script Traffic out
+# ---
+declare -a cgi_script_user_arr=()
+for _user in $cgi_script_users ; do
+ cgi_script_user_arr+=($_user)
+done
+
+
 # ---
 # - IP-Addresses (Host, Guests (VServer, LX_Container)
 # ---
diff --git a/ip6t-firewall-server b/ip6t-firewall-server
index cb5a801..7440f64 100755
--- a/ip6t-firewall-server
+++ b/ip6t-firewall-server
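Review bot: The comment block for `cgi_script_users` does not say what the entries are matched against: the firewall scripts hand each one to `-m owner --uid-owner`, which takes a user name or a numeric UID, and a name that cannot be resolved on the host will presumably make that rule insertion fail. Suggest adding a line such as `# - Each entry is passed to the iptables owner match (--uid-owner): a user name that exists on this host, or a numeric UID`. `Blank separated list` reads more clearly as `Space separated list`. The identical block is added to conf/main_ipv6.conf.sample, where the same wording applies.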
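Review bot: `cgi_script_user_arr+=($_user)` leaves the expansion unquoted, unlike `log_ip_arr+=("$_ip")` a few lines above, so an entry containing glob characters would be expanded against the filesystem before it reaches iptables; write `cgi_script_user_arr+=("$_user")`. This block is also the natural place to give `log_cgi_traffic_out` a default for existing configs that predate the new key, because `if $log_cgi_traffic_out && ...` in the firewall scripts executes an empty command (exit status 0, i.e. true) when the variable is unset or empty: `log_cgi_traffic_out=${log_cgi_traffic_out:-false}`.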
@@ -1077,6 +1077,26 @@ fi
 echo_done
+# ---
+# - LOG CGI script Traffic out
+# ---
+
+echo
+echononl "\tLOG CGI/PHP traffic out."
+
+if $log_cgi_traffic_out && [[ ${#cgi_script_user_arr[@]} -gt 0 ]] ; then
+ for _dev in ${ext_if_arr[@]} ; do
+ for _user in ${cgi_script_user_arr[@]} ; do
+ $ip6t -A OUTPUT -o $_dev -m owner --uid-owner $_user -j $LOG_TARGET $tag_log_prefix "$log_prefix $_user PHP-OUT: "
+ done
+ done
+ echo_done
+else
+ echo_skipped
+fi
+echo
+
+
 # -------------
 # --- Allow all outgoing traffic
 # -------------
diff --git a/ipt-firewall-server b/ipt-firewall-server
index 85e8fd7..3544775 100755
--- a/ipt-firewall-server
+++ b/ipt-firewall-server
@@ -1231,6 +1231,26 @@ fi
 echo_done
+# ---
+# - LOG CGI script Traffic out
+# ---
+
+echo
+echononl "\tLOG CGI/PHP traffic out."
+
+if $log_cgi_traffic_out && [[ ${#cgi_script_user_arr[@]} -gt 0 ]] ; then
+ for _dev in ${ext_if_arr[@]} ; do
+ for _user in ${cgi_script_user_arr[@]} ; do
+ $ipt -A OUTPUT -o $_dev -m owner --uid-owner $_user -j $LOG_TARGET $tag_log_prefix "$log_prefix $_user PHP-OUT: "
+ done
+ done
+ echo_done
+else
+ echo_skipped
+fi
+echo
+
+
 # -------------
 # --- Allow all outgoing traffic
 # -------------
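Review bot: The new OUTPUT rule logs every packet the matched user sends on every external interface, with neither a connection-state match nor a rate limit, so a single busy PHP site will flood the log target; the identical rule is added in ipt-firewall-server. Logging only connection starts, using whichever state module the rest of the script already uses (`-m conntrack --ctstate NEW` or `-m state --state NEW`), and optionally a `-m limit`, keeps the output usable, e.g. `$ip6t -A OUTPUT -o "$_dev" -m owner --uid-owner "$_user" -m conntrack --ctstate NEW -j $LOG_TARGET $tag_log_prefix "$log_prefix $_user PHP-OUT: "`. The loop expansions `${ext_if_arr[@]}` and `${cgi_script_user_arr[@]}` should be quoted as `"${ext_if_arr[@]}"` and `"${cgi_script_user_arr[@]}"` for the same reason. Note that the section is placed before the unconditional outgoing allow, so it only observes and does not restrict, which matches the LOG heading; the enclosing script continues outside the hunk.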