diff --git a/WebsitePanel/Lib/AntiXssLibrary.dll b/WebsitePanel/Lib/AntiXssLibrary.dll
index 53c0be4e..c5e3b343 100644
Binary files a/WebsitePanel/Lib/AntiXssLibrary.dll and b/WebsitePanel/Lib/AntiXssLibrary.dll differ
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/Default.aspx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/Default.aspx.cs
index c6dd5693..b831b110 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/Default.aspx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/Default.aspx.cs
@@ -387,7 +387,7 @@ namespace WebsitePanel.WebPortal
         {
             Label lbl = new Label();
             lbl.Text =
-                AntiXss.HtmlEncode("<div style=\"height:300px;overflow:auto;\">" + message.Replace("\n", "<br>") +
+                Microsoft.Security.Application.Encoder.HtmlEncode("<div style=\"height:300px;overflow:auto;\">" + message.Replace("\n", "<br>") +
                                    "</div>");
             lbl.ForeColor = Color.Red;
             lbl.Font.Bold = true;
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/DiskspaceReportPackageDetails.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/DiskspaceReportPackageDetails.ascx.cs
index a4a4c25e..6e709956 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/DiskspaceReportPackageDetails.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/DiskspaceReportPackageDetails.ascx.cs
@@ -94,7 +94,7 @@ namespace WebsitePanel.Portal
                 i++;
             }
 
-            litTotal.Text = AntiXss.HtmlEncode(DiskspaceTotal.ToString());
+            litTotal.Text = Microsoft.Security.Application.Encoder.HtmlEncode(DiskspaceTotal.ToString());
 
             // get summary
             gvSummary.DataSource = ds;
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeContactGeneralSettings.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeContactGeneralSettings.ascx.cs
index 3237f9b2..ebc64bfa 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeContactGeneralSettings.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeContactGeneralSettings.ascx.cs
@@ -64,7 +64,7 @@ namespace WebsitePanel.Portal.ExchangeServer
                 ExchangeContact contact = ES.Services.ExchangeServer.GetContactGeneralSettings(PanelRequest.ItemID,
                     PanelRequest.AccountID);
 
-                litDisplayName.Text = AntiXss.HtmlEncode(contact.DisplayName);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(contact.DisplayName);
 
                 // bind form
                 txtDisplayName.Text = contact.DisplayName;
@@ -146,7 +146,7 @@ namespace WebsitePanel.Portal.ExchangeServer
                     return;
                 }
 
-                litDisplayName.Text = AntiXss.HtmlEncode(txtDisplayName.Text);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtDisplayName.Text);
 
                 messageBox.ShowSuccessMessage("EXCHANGE_UPDATE_CONTACT_SETTINGS");
             }
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeDistributionListGeneralSettings.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeDistributionListGeneralSettings.ascx.cs
index 4382712e..bdf839bf 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeDistributionListGeneralSettings.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeDistributionListGeneralSettings.ascx.cs
@@ -105,7 +105,7 @@ namespace WebsitePanel.Portal.ExchangeServer
                     return;
                 }
 
-                litDisplayName.Text = AntiXss.HtmlEncode(txtDisplayName.Text);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtDisplayName.Text);
 
                 messageBox.ShowSuccessMessage("EXCHANGE_UPDATE_DLIST_SETTINGS");
             }
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangePublicFolderGeneralSettings.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangePublicFolderGeneralSettings.ascx.cs
index 0be3addb..708b7774 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangePublicFolderGeneralSettings.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangePublicFolderGeneralSettings.ascx.cs
@@ -120,7 +120,7 @@ namespace WebsitePanel.Portal.ExchangeServer
                 string origName = litDisplayName.Text;
                 origName = origName.Substring(0, origName.LastIndexOf("\\"));
 
-                litDisplayName.Text = AntiXss.HtmlEncode(origName + txtName.Text);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(origName + txtName.Text);
 
 				BindSettings();
             }
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/OrganizationUserGeneralSettings.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/OrganizationUserGeneralSettings.ascx.cs
index 3d425536..b58fbea9 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/OrganizationUserGeneralSettings.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/OrganizationUserGeneralSettings.ascx.cs
@@ -70,7 +70,7 @@ namespace WebsitePanel.Portal.HostedSolution
                 OrganizationUser user = ES.Services.Organizations.GetUserGeneralSettings(PanelRequest.ItemID,
                     PanelRequest.AccountID);
 
-                litDisplayName.Text = AntiXss.HtmlEncode(user.DisplayName);
+                litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(user.DisplayName);
 
                 lblUserDomainName.Text = user.DomainUserName;
 
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingAddonsEditAddon.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingAddonsEditAddon.ascx.cs
index c35c1158..ee7df6f3 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingAddonsEditAddon.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingAddonsEditAddon.ascx.cs
@@ -144,7 +144,7 @@ namespace WebsitePanel.Portal
                 try
                 {
                     PackageResult result = ES.Services.Packages.UpdateHostingPlan(plan);
-                    lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                    lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                     if (result.Result < 0)
                     {
                         ShowResultMessage(result.Result);
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingPlansEditPlan.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingPlansEditPlan.ascx.cs
index 7077c680..61ecfb3f 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingPlansEditPlan.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/HostingPlansEditPlan.ascx.cs
@@ -196,7 +196,7 @@ namespace WebsitePanel.Portal
                     if (result.Result < 0)
                     {
                         ShowResultMessage(result.Result);
-                        lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                        lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                         return;
                     }
                 }
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/PeersEditPeer.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/PeersEditPeer.ascx.cs
index 21abeaa7..6750e309 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/PeersEditPeer.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/PeersEditPeer.ascx.cs
@@ -38,7 +38,7 @@ using System.Web.UI;
 using System.Web.UI.WebControls;
 using System.Web.UI.WebControls.WebParts;
 using System.Web.UI.HtmlControls;
-
+using Microsoft.Security.Application;
 using WebsitePanel.EnterpriseServer;
 
 namespace WebsitePanel.Portal
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SchedulesEditSchedule.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SchedulesEditSchedule.ascx.cs
index edcf60a8..31ce11ba 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SchedulesEditSchedule.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SchedulesEditSchedule.ascx.cs
@@ -151,7 +151,7 @@ namespace WebsitePanel.Portal
 					// The view does not provide ability to set and get parameters.
 					return null;
 				}
-				view.ID = AntiXss.HtmlEncode(taskId);
+				view.ID = Microsoft.Security.Application.Encoder.HtmlEncode(taskId);
 				view.Visible = visible;
 				view.EnableTheming = true;
 				this.TaskParametersPlaceHolder.Controls.Add(view);
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditAddon.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditAddon.ascx.cs
index 10b37369..e1404595 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditAddon.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditAddon.ascx.cs
@@ -137,7 +137,7 @@ namespace WebsitePanel.Portal
                     if (result.Result < 0)
                     {
                         ShowResultMessage(result.Result);
-                        lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                        lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                         return;
                     }
                 }
@@ -156,7 +156,7 @@ namespace WebsitePanel.Portal
                     if (result.Result < 0)
                     {
                         ShowResultMessage(result.Result);
-                        lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                        lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                         return;
                     }
                 }
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditDetails.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditDetails.ascx.cs
index f86fe33f..43fc8c38 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditDetails.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditDetails.ascx.cs
@@ -129,7 +129,7 @@ namespace WebsitePanel.Portal
                 if (result.Result < 0)
                 {
                     ShowResultMessage(result.Result);
-                    lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                    lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                     return;
                 }
             }
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceNestedSpacesSummary.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceNestedSpacesSummary.ascx.cs
index 7884e70c..704920e9 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceNestedSpacesSummary.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceNestedSpacesSummary.ascx.cs
@@ -60,7 +60,7 @@ namespace WebsitePanel.Portal
             DataSet dsSpaces = ES.Services.Packages.GetNestedPackagesSummary(PanelSecurity.PackageId);
 
             // all customers
-            lnkAllSpaces.Text = AntiXss.HtmlEncode(String.Format("All Spaces ({0})", dsSpaces.Tables[0].Rows[0]["PackagesNumber"]));
+            lnkAllSpaces.Text = Microsoft.Security.Application.Encoder.HtmlEncode(String.Format("All Spaces ({0})", dsSpaces.Tables[0].Rows[0]["PackagesNumber"]));
 
             // by status
             repSpaceStatuses.DataSource = dsSpaces.Tables[1];
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/AuditLogControl.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/AuditLogControl.ascx.cs
index 46f848e9..e1f11697 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/AuditLogControl.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/AuditLogControl.ascx.cs
@@ -185,9 +185,9 @@ namespace WebsitePanel.Portal.UserControls
 					GetAuditLogSourceName((string)dr["SourceName"]));
                 // Task
 				sb.AppendFormat("\"{0}\",", 
-					AntiXss.HtmlEncode(GetAuditLogTaskName((string)dr["SourceName"], (string)dr["TaskName"])));
+					Microsoft.Security.Application.Encoder.HtmlEncode(GetAuditLogTaskName((string)dr["SourceName"], (string)dr["TaskName"])));
 				// Item-Name
-                sb.AppendFormat("\"{0}\",", AntiXss.HtmlEncode(dr["ItemName"].ToString()));
+                sb.AppendFormat("\"{0}\",", Microsoft.Security.Application.Encoder.HtmlEncode(dr["ItemName"].ToString()));
 				// Execution-Log
 				string executionLog = FormatPlainTextExecutionLog(
 					dr["ExecutionLog"].ToString(), DateTime.Parse(dr["StartDate"].ToString()));
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/Comments.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/Comments.ascx.cs
index e06e5f4b..b4396825 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/Comments.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/Comments.ascx.cs
@@ -66,8 +66,8 @@ namespace WebsitePanel.Portal
             if (!String.IsNullOrEmpty(Comments))
             {
                 // escape symbols
-				imgView.AlternateText = Comments;// Comments.Replace("\n", "<br/>").Replace("\r", "");//.Replace(" ", "&nbsp;");
-				imgView.ToolTip = Comments;
+                imgView.AlternateText = Server.HtmlDecode(Comments);// Comments.Replace("\n", "<br/>").Replace("\r", "");//.Replace(" ", "&nbsp;");
+				imgView.ToolTip = Server.HtmlDecode(Comments);
                     //.Replace("\n", "<br/>");
             }
             else
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/MessageBox.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/MessageBox.ascx.cs
index 0ad2e599..a3ff3ac2 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/MessageBox.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/MessageBox.ascx.cs
@@ -81,7 +81,7 @@ namespace WebsitePanel.Portal
                 try
                 {
                     // technical details
-                    litPageUrl.Text = AntiXss.HtmlEncode(Request.Url.ToString());
+                    litPageUrl.Text = Microsoft.Security.Application.Encoder.HtmlEncode(Request.Url.ToString());
                     litLoggedUser.Text = PanelSecurity.LoggedUser.Username;
                     litSelectedUser.Text = PanelSecurity.SelectedUser.Username;
                     litPackageName.Text = PanelSecurity.PackageId.ToString();
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/UsernameControl.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/UsernameControl.ascx.cs
index b6d2a4e8..d7c51f25 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/UsernameControl.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserControls/UsernameControl.ascx.cs
@@ -71,7 +71,7 @@ namespace WebsitePanel.Portal
         public string Text
         {
             get { return EditMode ? txtName.Text.Trim() : litPrefix.Text + txtName.Text.Trim() + litSuffix.Text; }
-            set { txtName.Text = value; lblName.Text = AntiXss.HtmlEncode(value); }
+            set { txtName.Text = value; lblName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(value); }
         }
 
         private UserInfo PolicyUser
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCreateSpace.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCreateSpace.ascx.cs
index f6ada2d5..85aad4b9 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCreateSpace.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCreateSpace.ascx.cs
@@ -136,7 +136,7 @@ namespace WebsitePanel.Portal
                 if (result.Result < 0)
                 {
                     ShowResultMessage(result.Result);
-                    lblMessage.Text = AntiXss.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
+                    lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
                     return;
                 }
                 else
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCustomersSummary.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCustomersSummary.ascx.cs
index c83e60b2..c545be87 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCustomersSummary.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/UserCustomersSummary.ascx.cs
@@ -52,7 +52,7 @@ namespace WebsitePanel.Portal
             DataSet dsUsers = ES.Services.Users.GetUsersSummary(PanelSecurity.SelectedUserId);
 
             // all customers
-			lnkAllCustomers.Text = AntiXss.HtmlEncode(String.Format(GetLocalizedString("AllCustomers.Text"),
+			lnkAllCustomers.Text = Microsoft.Security.Application.Encoder.HtmlEncode(String.Format(GetLocalizedString("AllCustomers.Text"),
 				dsUsers.Tables[0].Rows[0]["UsersNumber"]));
 
             // by status
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPS/VdcCreateServer.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPS/VdcCreateServer.ascx.cs
index 20ef683f..7ef86290 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPS/VdcCreateServer.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPS/VdcCreateServer.ascx.cs
@@ -239,17 +239,17 @@ namespace WebsitePanel.Portal.VPS
         private void BindSummary()
         {
             // general
-            litHostname.Text =  AntiXss.HtmlEncode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
+            litHostname.Text =  Microsoft.Security.Application.Encoder.HtmlEncode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
             litOperatingSystem.Text = listOperatingSystems.SelectedItem.Text;
 
-            litSummaryEmail.Text = AntiXss.HtmlEncode(txtSummaryEmail.Text.Trim());
+            litSummaryEmail.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSummaryEmail.Text.Trim());
             SummSummaryEmailRow.Visible = chkSendSummary.Checked;
 
             // config
-            litCpu.Text = AntiXss.HtmlEncode(ddlCpu.SelectedValue);
-            litRam.Text = AntiXss.HtmlEncode(txtRam.Text.Trim());
-            litHdd.Text = AntiXss.HtmlEncode(txtHdd.Text.Trim());
-            litSnapshots.Text = AntiXss.HtmlEncode(txtSnapshots.Text.Trim());
+            litCpu.Text = Microsoft.Security.Application.Encoder.HtmlEncode(ddlCpu.SelectedValue);
+            litRam.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtRam.Text.Trim());
+            litHdd.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtHdd.Text.Trim());
+            litSnapshots.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSnapshots.Text.Trim());
             optionDvdInstalled.Value = chkDvdInstalled.Checked;
             optionBootFromCd.Value = chkBootFromCd.Checked;
             optionNumLock.Value = chkNumLock.Checked;
@@ -262,23 +262,23 @@ namespace WebsitePanel.Portal.VPS
             // external network
             optionExternalNetwork.Value = chkExternalNetworkEnabled.Checked;
             SummExternalAddressesNumberRow.Visible = radioExternalRandom.Checked && chkExternalNetworkEnabled.Checked;
-            litExternalAddressesNumber.Text = AntiXss.HtmlEncode(txtExternalAddressesNumber.Text.Trim());
+            litExternalAddressesNumber.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtExternalAddressesNumber.Text.Trim());
             SummExternalAddressesListRow.Visible = radioExternalSelected.Checked && chkExternalNetworkEnabled.Checked;
 
             List<string> ipAddresses = new List<string>();
             foreach (ListItem li in listExternalAddresses.Items)
                 if (li.Selected)
                     ipAddresses.Add(li.Text);
-            litExternalAddresses.Text = AntiXss.HtmlEncode(String.Join(", ", ipAddresses.ToArray()));
+            litExternalAddresses.Text = Microsoft.Security.Application.Encoder.HtmlEncode(String.Join(", ", ipAddresses.ToArray()));
 
             // private network
             optionPrivateNetwork.Value = chkPrivateNetworkEnabled.Checked;
             SummPrivateAddressesNumberRow.Visible = radioPrivateRandom.Checked && chkPrivateNetworkEnabled.Checked && (ViewState["DHCP"] == null);
-            litPrivateAddressesNumber.Text = AntiXss.HtmlEncode(txtPrivateAddressesNumber.Text.Trim());
+            litPrivateAddressesNumber.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtPrivateAddressesNumber.Text.Trim());
             SummPrivateAddressesListRow.Visible = radioPrivateSelected.Checked && chkPrivateNetworkEnabled.Checked && (ViewState["DHCP"] == null);
 
             string[] privIps = Utils.ParseDelimitedString(txtPrivateAddressesList.Text, '\n', '\r', ' ', '\t');
-            litPrivateAddressesList.Text = AntiXss.HtmlEncode(String.Join(", ", privIps));
+            litPrivateAddressesList.Text = Microsoft.Security.Application.Encoder.HtmlEncode(String.Join(", ", privIps));
         }
 
         protected void wizard_FinishButtonClick(object sender, WizardNavigationEventArgs e)
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPSForPC/VdcCreateServer.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPSForPC/VdcCreateServer.ascx.cs
index b79b834e..3d76e977 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPSForPC/VdcCreateServer.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/VPSForPC/VdcCreateServer.ascx.cs
@@ -264,17 +264,17 @@ namespace WebsitePanel.Portal.VPSForPC
 		{
 			// general
 			litHostname.Text = txtVmName.Text.Trim();
-			//            litHostname.Text =  AntiXss.HtmlEncode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
+			//            litHostname.Text =  Microsoft.Security.Application.Encoder.HtmlEncode(String.Format("{0}.{1}", txtHostname.Text.Trim(), txtDomain.Text.Trim()));
 			litOperatingSystem.Text = listOperatingSystems.SelectedItem.Text;
 
-			litSummaryEmail.Text = AntiXss.HtmlEncode(txtSummaryEmail.Text.Trim());
+			litSummaryEmail.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSummaryEmail.Text.Trim());
 			SummSummaryEmailRow.Visible = chkSendSummary.Checked;
 
 			// config
-			litCpu.Text = AntiXss.HtmlEncode(ddlCpu.SelectedValue);
-			litRam.Text = AntiXss.HtmlEncode(txtRam.Text.Trim());
-			litHdd.Text = AntiXss.HtmlEncode(txtHdd.Text.Trim());
-			//litSnapshots.Text = AntiXss.HtmlEncode(txtSnapshots.Text.Trim());
+			litCpu.Text = Microsoft.Security.Application.Encoder.HtmlEncode(ddlCpu.SelectedValue);
+			litRam.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtRam.Text.Trim());
+			litHdd.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtHdd.Text.Trim());
+			//litSnapshots.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtSnapshots.Text.Trim());
 			//optionDvdInstalled.Value = chkDvdInstalled.Checked;
 			//optionBootFromCd.Value = chkBootFromCd.Checked;
 			//optionNumLock.Value = chkNumLock.Checked;
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/Web.config b/WebsitePanel/Sources/WebsitePanel.WebPortal/Web.config
index 01cb22c8..41e241ed 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/Web.config
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/Web.config
@@ -6,7 +6,7 @@
 		<add key="ChartImageHandler" value="storage=file;timeout=20;" />
     <add key="SessionValidationKey" value="DAD46D476F85E0198BCA134D7AA5CC1D7" />
 	</appSettings>
-	<system.web>
+	<system.web>    
 		<!-- SiteMap settings -->
 		<siteMap defaultProvider="WebsitePanelSiteMapProvider" enabled="true">
 			<providers>
@@ -20,7 +20,7 @@
 			</controls>
 		</pages>
 		<!-- Maximum size of uploaded file, in MB -->
-		<httpRuntime executionTimeout="1800" requestValidationMode="2.0" maxRequestLength="16384" enableVersionHeader="false"/>
+		<httpRuntime executionTimeout="1800" requestValidationMode="2.0" maxRequestLength="16384" enableVersionHeader="false" encoderType="Microsoft.Security.Application.AntiXssEncoder, AntiXssLibrary" />
 		<!--
           ASMX is mapped to a new handler so that proxy javascripts can also be served.
     -->