diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index dc22742..61d4441 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -1,9 +1,11 @@
-worker_processes 4;
-worker_rlimit_nofile 800000;
+worker_processes 2;
+worker_rlimit_nofile 500000;
 worker_shutdown_timeout 10;
 
 events {
-	worker_connections 700000; # Default: 1024
+	worker_connections 100000; # Default: 1024
+	#use epoll;
+	#multi_accept on;
 }
 
 http {
@@ -15,7 +17,7 @@ http {
                            '"$http_referer" "$http_user_agent" "$gzip_ratio"';
 
 	#limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;
-	#limit_req_log_level warn;
+	limit_req_log_level warn;
 	
 	include		/etc/nginx/mime.types;
 	include		/etc/nginx/proxy.conf;
@@ -26,8 +28,10 @@ http {
 		text/csv	csv;
 	}
 	# keepalive settings
-	keepalive_requests		10;
-	keepalive_timeout		5;
+	#keepalive_requests		10;
+	keepalive_timeout		5s;
+	#http2_idle_timeout		10s; # replaced by keepalive_timeout in 1.19.7	
+
 	access_log off;
 	#error_log /etc/nginx/logs/error.log warn;
 	error_log /dev/null crit;
@@ -35,7 +39,7 @@ http {
 	upstream backend_GET {
 		ip_hash;
 		
-		keepalive 	5;
+		#keepalive 	5;
 		#server		localhost:4441;
 		#server		localhost:4442;
 		#server		localhost:4443;
@@ -58,6 +62,9 @@ http {
 		server		10.0.0.9:4441;
 		server		10.0.0.9:4442;
 
+		server		10.0.0.10:4441;
+		server		10.0.0.10:4442;
+
 		#server		134.209.69.251:80	backup;
 
 		#server		116.203.32.253:80	backup;
@@ -107,8 +114,8 @@ http {
 			include				/etc/nginx/cors.conf;
 			#return 200 "[]";
 			proxy_pass		http://backend_$request_method;
-			#proxy_cache	CACHEZONE;
-			#proxy_cache_valid	30s;
+			proxy_cache	CACHEZONE;
+			proxy_cache_valid	10s;
 			#limit_req zone=mylimit;
 
 			#access_log /etc/nginx/logs/download.log no_ip;
@@ -130,7 +137,7 @@ http {
 
 		location /api/getTotalStats {
 			include		 /etc/nginx/cors.conf;
-			proxy_pass http://backend_GET;
+			proxy_pass http://backend_POST;
 			proxy_cache CACHEZONE;
 			proxy_cache_valid 20m;
 			#return 204;
@@ -138,7 +145,7 @@ http {
 
 		location /api/getTopCategoryUsers {
 			include				/etc/nginx/cors.conf;
-			proxy_pass		http://backend_GET;
+			proxy_pass		http://backend_POST;
 			proxy_cache		CACHEZONE;
 			proxy_cache_valid	20m;
 		}
@@ -199,12 +206,14 @@ http {
 		}
 		
 		listen [::]:443 default_server ssl http2 ipv6only=on backlog=323999;
-		listen 443 default_server ssl http2 reuseport backlog=323999; # managed by Certbot
+		listen 443 default_server ssl http2 reuseport backlog=3000999; # managed by Certbot
 		#listen 443 http3 reuseport;
 		#ssl_protocols TLSv1.2 TLSv1.3;
 		#listen 80;
-    ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot
+    		ssl_certificate /home/sbadmin/certs/cert.pem;
+   		ssl_certificate_key /home/sbadmin/certs/key.pem;
+		#ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot
+		#ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot
 		include				/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
 		ssl_dhparam			/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
 	}
@@ -227,8 +236,10 @@ http {
 
 
 		listen 443 ssl; # managed by Certbot
-    ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot
+		ssl_certificate /home/sbadmin/certs/cert.pem;
+                ssl_certificate_key /home/sbadmin/certs/key.pem;
+    		#ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot
+    		#ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot
 		include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
 		ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
 	}
@@ -236,33 +247,21 @@ http {
 	server {
 		access_log off;
 
-		if ($host = api.sponsor.ajay.app) {
-			return 301 https://$host$request_uri;
-		} # managed by Certbot
-
-		if ($host = sponsor.ajay.app) {
-			return 301 https://$host$request_uri;
-		} # managed by Certbot
+		return 301 https://$host$request_uri;
 
 		listen [::]:80 ipv6only=on;
 		listen 80;
-		server_name sponsor.ajay.app api.sponsor.ajay.app;
-		return 404; # managed by Certbot
-	}
-
-	server {
-		if ($host = cdnsponsor.ajay.app) {
-			return 301 https://$host$request_uri;
-		} # managed by Certbot
-
-		server_name cdnsponsor.ajay.app;
-		listen 80;
+		server_name sponsor.ajay.app api.sponsor.ajay.app, cdnsponsor.ajay.app, wiki.sponsor.ajay.app;
 		return 404; # managed by Certbot
 	}
 
 	server {
 		server_name wiki.sponsor.ajay.app; # managed by Certbot
 		
+		location /.well-known/ {
+			 root    /home/sbadmin/SponsorBlockSite/public-prod;
+		}
+
 		location ~* ^/index.php/(?<pagename>.*)$ {
 			return 301 /w/$pagename;
 		}
@@ -276,8 +275,10 @@ http {
 		#listen 443 http3 reuseport;
 		#ssl_protocols TLSv1.2 TLSv1.3;
 		#listen 80;
-    ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot
+		ssl_certificate /home/sbadmin/certs/cert.pem;
+   		ssl_certificate_key /home/sbadmin/certs/key.pem;
+    		#ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot
+    		#ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot
 		include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
 		ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
 	}