diff --git a/ChangeLog b/ChangeLog
index 90a57f75..a0eda6dd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,7 +16,9 @@ ver. 0.8.10 (2013/XX/XXX) - NOT-YET-RELEASED
      within [Init].  Closes gh-232
 - New Features
 - Enhancements
-
+  Yaroslav Halchenko
+   * jail.conf -- assure all jails have actions and remove unused
+     ports specifications
 
 ver. 0.8.9 (2013/05/13) - wanna-be-stable
 ----------
diff --git a/config/jail.conf b/config/jail.conf
index ec5b32ef..d3a23920 100644
--- a/config/jail.conf
+++ b/config/jail.conf
@@ -239,10 +239,8 @@ logpath  = /var/log/roundcube/userlogins
 
 enabled  = false
 filter   = sogo-auth
-port     = http, https
 # without proxy this would be:
 # port    = 20000
-
 action   = iptables[name=SOGo, port="http,https"]
 logpath  = /var/log/sogo/sogo.log
 
@@ -253,7 +251,7 @@ logpath  = /var/log/sogo/sogo.log
 [php-url-fopen]
 
 enabled = false
-port    = http,https
+action  = iptables[name=php-url-open, port="http,https"]
 filter  = php-url-fopen
 logpath = /var/www/*/logs/access_log
 maxretry = 1
@@ -268,8 +266,8 @@ maxretry = 1
 [lighttpd-fastcgi]
 
 enabled = false
-port    = http,https
 filter  = lighttpd-fastcgi
+action  = iptables[name=lighttpd-fastcgi, port="http,https"]
 # adapt the following two items as needed
 logpath = /var/log/lighttpd/error.log
 maxretry = 2
@@ -280,8 +278,8 @@ maxretry = 2
 [lighttpd-auth]
 
 enabled = false
-port    = http,https
 filter  = lighttpd-auth
+action  = iptables[name=lighttpd-auth, port="http,https"]
 # adapt the following two items as needed
 logpath = /var/log/lighttpd/error.log
 maxretry = 2