diff --git a/includes/config.inc.php-dist b/includes/config.inc.php-dist
index 4b0c551..dc173ef 100644
--- a/includes/config.inc.php-dist
+++ b/includes/config.inc.php-dist
@@ -1,15 +1,15 @@
 <?php
 
-$apiuser = '';      # The PowerDNS API username
-$apipass = '';      # The PowerDNS API-user password
-$apiip   = '';      # The IP of the PowerDNS API
-$apiport = '8081';  # The port of the PowerDNS API
-$apisid  = '';      # PowerDNS's :server_id
+$apiuser = '';          # The PowerDNS API username
+$apipass = '';          # The PowerDNS API-user password
+$apiip   = '';          # The IP of the PowerDNS API
+$apiport = '8081';      # The port of the PowerDNS API
+$apisid  = '';          # PowerDNS's :server_id
+$allowzoneadd = FALSE;  # Allow normal users to add zones
 
 
 # If you configure this, nsedit will try to authenticate via WeFact too.
 # Debtors will be added to the sqlitedatabase with their crypted password.
-
 #$wefactapiurl = 'https://yourdomain/Pro/apiv2/api.php';
 #$wefactapikey = 'xyz';
 
diff --git a/index.php b/index.php
index 5a7f210..72f3f4d 100644
--- a/index.php
+++ b/index.php
@@ -109,7 +109,9 @@ if (isset($templatelist)) {
         </ul>
     </div>
     <div id="zones">
+        <? if (is_adminuser() or $allowzoneadd === TRUE) { ?>
         <div style="visibility: hidden;" id="ImportZone"></div>
+        <? } ?>
         <div class="tables" id="MasterZones">
             <div class="searchbar" id="searchbar">
                 <input type="text" id="domsearch" name="domsearch" placeholder="Search...."/>
@@ -153,8 +155,10 @@ $(document).ready(function () {
         openChildAsAccordion: true,
         actions: {
             listAction: 'zones.php?action=listslaves',
+            <? if (is_adminuser() or $allowzoneadd === TRUE) { ?>
             createAction: 'zones.php?action=create',
             deleteAction: 'zones.php?action=delete'
+            <? } ?>
         },
         fields: {
             id: {
@@ -253,8 +257,10 @@ $(document).ready(function () {
         openChildAsAccordion: true,
         actions: {
             listAction: 'zones.php?action=list',
+            <? if (is_adminuser() or $allowzoneadd === TRUE) { ?>
             createAction: 'zones.php?action=create',
             deleteAction: 'zones.php?action=delete',
+            <? } ?>
             <? if (is_adminuser()) { ?>
             updateAction: 'zones.php?action=update'
             <? } ?>
diff --git a/zones.php b/zones.php
index c82a726..290028f 100644
--- a/zones.php
+++ b/zones.php
@@ -227,6 +227,9 @@ if ($action == "list" or $action== "listslaves") {
     usort($return, "zonesort");
     jtable_respond($return);
 } elseif ($action == "create") {
+    if (is_adminuser() !== TRUE or ($allowzoneadd !== TRUE)) {
+        jtable_respond(null, 'error', "You are not allowed to add zones");
+    }
     if (_valid_label($_POST['name']) === FALSE) {
         jtable_respond(null, 'error', "Please only use [a-z0-9_/.-]");
     }