diff --git a/hotfixes/init.sls b/hotfixes/init.sls
--- a/hotfixes/init.sls
+++ b/hotfixes/init.sls
@@ -9,3 +9,4 @@
 include:
   - .CVE-2017-6074
   - .T1261-srv-data
+  - .old-directories
diff --git a/hotfixes/old-directories.sls b/hotfixes/old-directories.sls
new file mode 100644
--- /dev/null
+++ b/hotfixes/old-directories.sls
@@ -0,0 +1,23 @@
+#   -------------------------------------------------------------
+#   Salt — Hotfixes to mitigate bugs and security issues
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#   Project:        Nasqueron
+#   Created:        2017-11-23
+#   License:        Trivial work, not eligible to copyright
+#   -------------------------------------------------------------
+
+#   -------------------------------------------------------------
+#   T1325
+#   We now provision /var/wwwwroot/<domain></<subdomain> for
+#   all servers and not only for the web servers.
+#
+#   As such, /var/www/html nginx default directory on shellserver
+#   role can be pruned.
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{% if salt['node.has_role']('shellserver') %}
+
+/var/www/html:
+  file.absent
+
+{% endif %}