diff --git a/.gitignore b/.gitignore
index dc24da8..373a02b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+*.htpasswd
 *.bak
 phpcache
 cache
diff --git a/common/federationtester.conf b/common/federationtester.conf
index 3e90453..25a2a34 100644
--- a/common/federationtester.conf
+++ b/common/federationtester.conf
@@ -4,7 +4,7 @@ add_header X-I2P-Location http://vern54jxta6pdm4zduragtjln4lybvrkuymmdslxlnec3sx
 location / {
 proxy_pass https://ft.vern.cc/;
 proxy_redirect off;
- proxy_set_header Host $host;
+ proxy_set_header Host ft.vern.cc;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Forwarded-Proto $scheme;
 }
diff --git a/common/invidious.conf b/common/invidious.conf
index a4bd303..892b6e4 100644
--- a/common/invidious.conf
+++ b/common/invidious.conf
@@ -5,8 +5,7 @@ access_log off;
 error_log /var/log/nginx/error.log crit;
 location / {
- #proxy_pass http://10.7.0.1:2500/;
- proxy_pass http://127.0.0.1:2500/; # in case we cant host it on vps anymore
+ proxy_pass https://inv.vern.cc;
 proxy_set_header X-Forwarded-For $remote_addr;
 proxy_set_header Host $host; # so Invidious knows domain
 proxy_http_version 1.1; # to keep alive
diff --git a/common/mumble.conf b/common/mumble.conf
index 8feff8e..e2c6dd9 100644
--- a/common/mumble.conf
+++ b/common/mumble.conf
@@ -2,15 +2,13 @@ add_header Onion-Location http://mumble.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5
 add_header X-I2P-Location http://vernlt2ydc2xvpy2vbcmgxfycekwkofkciwmp7oz2y6psneanlqa.b32.i2p$request_uri;
 location / {
- root /usr/lib/node_modules/mumble-web/dist;
+ proxy_pass https://mumble.vern.cc/;
+ proxy_redirect off;
+ proxy_set_header Host mumble.vern.cc;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
 }
-location /vern {
- proxy_pass http://localhost:64736;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
-}
 if ($badagent) {
 return 403;
 }
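Review bot: In common/invidious.conf the new `proxy_pass https://inv.vern.cc;` encrypts the hop to the upstream but, as far as this hunk shows, does not authenticate it, because nginx leaves `proxy_ssl_verify` off and sends no SNI unless told to. Unless these are already set at `http` level outside this diff, add `proxy_ssl_server_name on;`, `proxy_ssl_verify on;` and `proxy_ssl_trusted_certificate <CA bundle path>;` next to the `proxy_pass`. The same applies to the `https://` upstreams in common/mumble.conf, common/simplelogin.conf and common/status.conf in this commit. This hunk also keeps `proxy_set_header Host $host;` while the other proxied services now send the clearnet name, so the upstream vhost has to accept the onion and I2P hostnames for this service. The `location /` block continues past the end of the hunk.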
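Review bot: The rewritten `location /` in common/mumble.conf proxies to `https://mumble.vern.cc/` without the WebSocket handling that the removed `location /vern` block had, so an upgrade request from the web client would be forwarded as an ordinary HTTP/1.0 request. If the client still connects over a WebSocket through this vhost, carry `proxy_http_version 1.1;`, `proxy_set_header Upgrade $http_upgrade;` and `proxy_set_header Connection $connection_upgrade;` over into the new block. common/speedtest.conf in this commit already proxies to an `https://` upstream with those headers set.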
diff --git a/common/nitter.conf b/common/nitter.conf
index 8e1a954..6fff0e6 100644
--- a/common/nitter.conf
+++ b/common/nitter.conf
@@ -4,7 +4,7 @@ add_header X-I2P-Location http://vernzdedoxuflrrxc4vbatbkpjh4k22ecgiqgimdiif62on
 error_log off;
 location / {
- proxy_pass http://127.0.0.1:5744/;
+ proxy_pass http://crescent.vern.cc:5744/;
 proxy_http_version 1.1;
 proxy_redirect off;
 proxy_set_header Host $host;
diff --git a/common/simplelogin.conf b/common/simplelogin.conf
index 4b2838d..7ff304b 100644
--- a/common/simplelogin.conf
+++ b/common/simplelogin.conf
@@ -4,9 +4,9 @@ add_header X-I2P-Location http://verndokks33kdmyo23qihg45lb4sinl6f6b34hc7be6754p
 error_log /var/log/nginx/error.log crit;
 location / {
- proxy_pass http://iceberg.vern.cc:7777;
+ proxy_pass https://sl.vern.cc;
+ proxy_set_header Host sl.vern.cc;
 proxy_set_header X-Forwarded-For $remote_addr;
- proxy_set_header Host $host; # so Invidious knows domain
 proxy_http_version 1.1; # to keep alive
 proxy_set_header Connection ""; # to keep alive
 }
diff --git a/common/speedtest.conf b/common/speedtest.conf
index a52d968..0ba4b0c 100644
--- a/common/speedtest.conf
+++ b/common/speedtest.conf
@@ -3,7 +3,7 @@ add_header X-I2P-Location http://verncfvtpzdyrq4iy72nsv5tq3tmoxblywsxg25v2eydyao
 location / {
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-# proxy_set_header Host "ls.vern.cc";
+ proxy_set_header Host "ls.vern.cc";
 proxy_pass https://ls.vern.cc/;
 proxy_http_version 1.1;
 proxy_set_header Upgrade $http_upgrade;
diff --git a/common/status.conf b/common/status.conf
new file mode 100644
index 0000000..107af23
--- /dev/null
+++ b/common/status.conf
@@ -0,0 +1,13 @@
+#access_log off;
+error_log /var/log/nginx/error.log crit;
+
+location / {
+ proxy_pass https://status.vern.cc;
+ proxy_set_header Host status.vern.cc;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_http_version 1.1; # to keep alive
+ proxy_set_header Connection ""; # to keep alive
+}
+if ($badagent) {
+ return 403;
+}
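Review bot: `proxy_pass http://crescent.vern.cc:5744/;` in common/nitter.conf moves the backend hop from loopback to another host over plain HTTP, while the other upstreams changed in this commit use `https://`. Unless crescent.vern.cc resolves to a private or tunnelled address, request paths and forwarded headers now cross the network unencrypted, and port 5744 has to be reachable from this proxy. Consider an `https://` upstream, or restrict 5744 on the backend to this proxy's address and record the assumption with a comment such as `# crescent: reachable only over <private link>`. The `location /` block continues outside the hunk.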
diff --git a/common/website.conf b/common/website.conf
index 13d7e2f..14c08ba 100644
--- a/common/website.conf
+++ b/common/website.conf
@@ -29,8 +29,11 @@ location @extensionless-php {
 }
 location ~ (\.cgi|\.py|\.sh|\.pl|\.lua|\/cgi-bin)$ {
 gzip off;
+ ssi on;
+ try_files $uri /$lang$uri /en$uri =404;
+ fastcgi_param SCRIPT_FILENAME $realpath_root$uri;
+ fastcgi_param POST_STRING $request_body;
 fastcgi_pass unix:/run/fcgiwrap.socket;
- fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
 }
 # Main
@@ -110,7 +113,7 @@ location /finreport {
 alias /var/www/website/en/finreport;
 fancyindex on;
 fancyindex_exact_size off;
- fancyindex_default_sort date_desc;
+ fancyindex_default_sort name_desc;
 fancyindex_time_format "%a, %e %B %Y %I:%M:%S %p";
 }
diff --git a/common/znc.conf b/common/znc.conf
index 4d05288..ba4294d 100644
--- a/common/znc.conf
+++ b/common/znc.conf
@@ -2,9 +2,9 @@ add_header Onion-Location http://znc.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kaj
 add_header X-I2P-Location http://vernd722rkd3v2o5ppu3aphmfhdthmillq5patn4fa7qvk5ngiaq.b32.i2p$request_uri;
 location / {
- proxy_pass https://127.0.0.1:6697/;
+ proxy_pass http://127.0.0.1:6667/;
 proxy_redirect off;
- proxy_set_header Host $host;
+ proxy_set_header Host znc.vern.cc;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Forwarded-Proto $scheme;
 }
diff --git a/conf.d/checkstatus.conf b/conf.d/checkstatus.conf
index 530c378..364488b 100644
--- a/conf.d/checkstatus.conf
+++ b/conf.d/checkstatus.conf
@@ -1,3 +1,20 @@
+map $arg_b32 $b32 {
+ default $arg_b32;
+ '' verncceu2kgz54wi7r5jatgmx2mqtsh3knxhiy4m5shescuqtqfa.b32.i2p;
+}
+map $arg_port $dn_port {
+ default :$arg_port;
+ '' $arg_port;
+}
+map $arg_subdomain $onion {
+ default $arg_subdomain;
+ '' www;
+}
+map $arg_uri $dn_uri {
+ default $arg_uri;
+ '' /;
+}
+
 server {
 listen 443 ssl http2;
 listen [::]:443 ssl http2;
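Review bot: In the CGI location of common/website.conf, `ssi on;` makes nginx parse script output for SSI directives, so a script that echoes request data without escaping has that data interpreted as directives; enable it only for the scripts that need it, or have them escape `<!--#` in anything they reflect. `fastcgi_param POST_STRING $request_body;` copies the request body into the CGI process environment, where it is subject to environment size limits and visible alongside the other parameters, and `$request_body` is empty whenever nginx spools the body to a temporary file. Reading the body from stdin in the scripts avoids both problems. If the parameter stays, add a small `client_max_body_size` to this location.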
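Review bot: The common/znc.conf hunk replaces the TLS upstream `https://127.0.0.1:6697/` with plaintext `http://127.0.0.1:6667/`, which is only safe while ZNC's listener on 6667 is bound to loopback, something this diff cannot show. Record that assumption next to the directive, for example `# plaintext hop: ZNC must bind 6667 to 127.0.0.1 only`, and check the ZNC listener configuration before deploying.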
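Review bot: The four `map` blocks added at the top of conf.d/checkstatus.conf pass `$arg_b32`, `$arg_port`, `$arg_subdomain` and `$arg_uri` through unchanged whenever they are non-empty, so whatever consumes `$b32`, `$dn_port`, `$onion` and `$dn_uri` (not visible in this hunk) receives raw, still URL-encoded client input. Since these appear to select the host, port and path that the status checks contact, constrain them in the map itself: make `default` the fixed fallback and admit client values only through anchored regex keys, for example `"~^[0-9]{1,5}$" :$arg_port;` for the port and `"~^[a-z2-7]{52}\.b32\.i2p$" $arg_b32;` for the address. The scripts behind `fastcgi_pass` should still validate what they receive.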
@@ -9,11 +26,13 @@ server {
 access_log /var/log/checkstatus.log;
 ssi on;
 gzip off;
- include snippets/fastcgi.conf;
- fastcgi_buffering off;
 fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
+ fastcgi_param QUERY_STRING $query_string;
 fastcgi_param REDIRECT_STATUS 0;
+ fastcgi_buffering off;
 fastcgi_param NO_BUFFERING 1;
+ fastcgi_connect_timeout 300;
+ fastcgi_read_timeout 300;
 location /udp {
 fastcgi_pass unix:/run/fcgiwrap/checkstatus-udp.socket;
 }
@@ -21,7 +40,7 @@ server {
 fastcgi_pass unix:/run/fcgiwrap/checkstatus-onion.socket;
 }
 location /i2p {
- fastcgi_pass unix:/run/fcgiwrap/checkstatus-i2p.socket;
+ fastcgi_pass unix:/run/fcgiwrap/checkstatus-onion.socket;
 }
 }
diff --git a/conf.d/libreddit.conf b/conf.d/libreddit.conf
index 86846c2..fff90df 100644
--- a/conf.d/libreddit.conf
+++ b/conf.d/libreddit.conf
@@ -21,6 +21,8 @@ server {
 listen [::]:443 ssl http2;
 include snippets/lets-encrypt.conf;
 server_name lr.vern.cc reddit.vern.cc libreddit.vern.cc fr.vern.cc ferrit.vern.cc;
+ auth_basic "Ratelimit protection";
+ auth_basic_user_file /etc/nginx/.libreddit.htpasswd;
 include common/libreddit.conf;
 }
diff --git a/conf.d/riot.conf b/conf.d/riot.conf
index b7ef9f8..8adaa02 100644
--- a/conf.d/riot.conf
+++ b/conf.d/riot.conf
@@ -2,7 +2,7 @@ server {
 listen 80;
 listen [::]:80;
- server_name riot.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion el.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion;
+ server_name riot.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion el.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion element.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion;
 include common/riot.conf;
 }
@@ -20,7 +20,7 @@ server {
 listen 443 ssl http2;
 listen [::]:443 ssl http2;
- server_name riot.vern.cc el.vern.cc;
+ server_name riot.vern.cc el.vern.cc element.vern.cc;
 include snippets/lets-encrypt.conf;
 include common/riot.conf;
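Review bot: `fastcgi_read_timeout 300;` together with `fastcgi_buffering off;` in the checkstatus server lets a single request hold an fcgiwrap worker for up to five minutes, and nothing in this hunk limits how many such requests one client can keep open. Add `limit_req` and `limit_conn` (with their zones at `http` level) to the check locations so a handful of slow checks cannot occupy every worker. Dropping `include snippets/fastcgi.conf;` also leaves only the parameters listed here, so the standard CGI variables that file normally supplies are no longer passed; a comment stating that this is intended would help. The `server` block starts outside the hunk.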
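Review bot: `location /i2p` now points at `checkstatus-onion.socket`, the same socket the preceding location uses, which reads like a copy-paste slip unless the two checks were deliberately merged into one fcgiwrap instance. If it is deliberate, say so with a comment such as `# i2p checks share the onion fcgiwrap instance`, because the I2P checks then run with that instance's user and environment and compete for the same workers.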
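Review bot: The `auth_basic` pair added in conf.d/libreddit.conf protects only this TLS `server` block; any other server blocks earlier in the file, outside the hunk, that include `common/libreddit.conf` would still serve it without credentials. Confirm that is intended. Also make sure `/etc/nginx/.libreddit.htpasswd` is readable by the nginx user only and holds hashed entries, since nothing in this hunk throttles failed logins.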
@@ -29,6 +29,6 @@ server {
 listen 80;
 listen [::]:80;
- server_name riot.vern.cc el.vern.cc;
+ server_name riot.vern.cc el.vern.cc element.vern.cc;
 return 301 https://$host$request_uri;
 }
diff --git a/conf.d/status.conf b/conf.d/status.conf
new file mode 100644
index 0000000..d015b40
--- /dev/null
+++ b/conf.d/status.conf
@@ -0,0 +1,17 @@
+server {
+ listen 80;
+ listen [::]:80;
+
+ server_name status.vernccvbvyi5qhfzyqengccj7lkove6bjot2xhh5kajhwvidqafczrad.onion;
+
+ include common/status.conf;
+}
+
+server {
+ listen 11111;
+ listen [::]:11111;
+
+ server_name verndmjrrvx4fgk4ykgjcnflywlaj5h5wezpixq636mewn42khlq.b32.i2p;
+
+ include common/status.conf;
+}
diff --git a/nginx.conf b/nginx.conf
index 2e92769..cbb1007 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -3,7 +3,7 @@ worker_processes auto;
 pid /run/nginx.pid;
 include /etc/nginx/modules-enabled/*.conf;
 events {
- worker_connections 768;
+ worker_connections 786;
 # multi_accept on;
 }
@@ -22,7 +22,7 @@ http {
 # Logging Settings
 log_format main '$remote_addr - $remote_user [$time_local] $status "$host" "$request" $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
 access_log /var/log/nginx/access.log main;
- error_log /var/log/nginx/error.log;
+ error_log /var/log/nginx/error.log debug;
 gzip on;
 # gzip_vary on;
 # gzip_proxied any;
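Review bot: `worker_connections 786;` in nginx.conf looks like a transposition of the previous 768 rather than a tuning decision. If a higher limit is wanted, pick the value deliberately and say why in a comment; otherwise restore `worker_connections 768;`.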
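Review bot: `error_log /var/log/nginx/error.log debug;` at `http` level turns on debug logging for every vhost that does not override it, which on a debug-enabled build writes request headers, including `Authorization` and cookies, and upstream exchanges to disk and grows the log quickly. That conflicts with the `access_log off;` and `crit` settings the onion and I2P vhosts use elsewhere in this commit, and with the basic-auth credentials added for libreddit. If this was for troubleshooting, revert to the previous line or scope it with `debug_connection` for a single client address in the `events` block. The `http` block continues outside the hunk.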