diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 5863d2dc..179580b4 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -41,6 +41,18 @@ SetTemperatureUnit(){
 
 SetWebPassword(){
 
+	if [ "${SUDO_USER}" == "www-data" ]; then
+		echo "Security measure: user www-data is not allowed to change webUI password!"
+		echo "Exiting"
+		exit 1
+	fi
+
+	if [ "${SUDO_USER}" == "lighttpd" ]; then
+		echo "Security measure: user lighttpd is not allowed to change webUI password!"
+		echo "Exiting"
+		exit 1
+	fi
+
 	# Remove password from file (create backup setupVars.conf.bak)
 	sed -i.bak '/WEBPASSWORD/d' /etc/pihole/setupVars.conf
 	# Set password only if there is one to be set