diff --git a/Teknik/Areas/Blog/Controllers/BlogController.cs b/Teknik/Areas/Blog/Controllers/BlogController.cs index 5fe596b..45fe94d 100644 --- a/Teknik/Areas/Blog/Controllers/BlogController.cs +++ b/Teknik/Areas/Blog/Controllers/BlogController.cs @@ -134,7 +134,6 @@ namespace Teknik.Areas.Blog.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult CreatePost(int blogID, string title, string article) { if (ModelState.IsValid) @@ -169,7 +168,6 @@ namespace Teknik.Areas.Blog.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult EditPost(int postID, string title, string article) { if (ModelState.IsValid) @@ -194,7 +192,6 @@ namespace Teknik.Areas.Blog.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult PublishPost(int postID, bool publish) { if (ModelState.IsValid) @@ -219,7 +216,6 @@ namespace Teknik.Areas.Blog.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult DeletePost(int postID) { if (ModelState.IsValid) @@ -271,7 +267,6 @@ namespace Teknik.Areas.Blog.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult CreateComment(int postID, string article) { if (ModelState.IsValid) @@ -295,7 +290,6 @@ namespace Teknik.Areas.Blog.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult EditComment(int commentID, string article) { if (ModelState.IsValid) @@ -319,7 +313,6 @@ namespace Teknik.Areas.Blog.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult DeleteComment(int commentID) { if (ModelState.IsValid) diff --git a/Teknik/Areas/Blog/Scripts/Blog.js b/Teknik/Areas/Blog/Scripts/Blog.js index b8c3e81..faec94a 100644 --- a/Teknik/Areas/Blog/Scripts/Blog.js +++ b/Teknik/Areas/Blog/Scripts/Blog.js 
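Review bot: Dropping `[ValidateAntiForgeryToken]` from CreatePost, EditPost, PublishPost, DeletePost, CreateComment, EditComment and DeleteComment leaves every state-changing POST in this controller forgeable from a third-party page, because the session travels in a cookie the browser attaches on its own. `ModelState.IsValid` over primitive parameters is not an origin check, and nothing in these hunks adds a replacement (custom request header, SameSite cookie, or Origin/Referer comparison). If the attribute was removed because the anti-forgery cookie was not shared across the `blog.`/`p.`/`u.` subdomains, the fix is to scope that cookie to the parent domain the way the auth cookie now is, not to delete validation; restoring `[ValidateAntiForgeryToken]` directly under `[HttpPost]` is the one-line change per action. Each action body continues past the end of its hunk.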
@@ -7,7 +7,7 @@ $.ajax({ type: "POST", url: addPostURL, - data: AddAntiForgeryToken({ blogID: blogID, title: title, article: post }), + data: { blogID: blogID, title: title, article: post }, success: function (html) { if (html.result) { window.location.reload(); @@ -55,7 +55,7 @@ $.ajax({ type: "POST", url: editPostURL, - data: AddAntiForgeryToken({ postID: postID, title: title, article: post }), + data: { postID: postID, title: title, article: post }, success: function (html) { if (html.result) { window.location.reload(); @@ -76,7 +76,7 @@ $.ajax({ type: "POST", url: addCommentURL, - data: AddAntiForgeryToken({ postID: postID, article: post }), + data: { postID: postID, article: post }, success: function (html) { if (html.result) { window.location.reload(); @@ -113,7 +113,7 @@ $.ajax({ type: "POST", url: editCommentURL, - data: AddAntiForgeryToken({ commentID: postID, article: post }), + data: { commentID: postID, article: post }, success: function (html) { if (html.result) { window.location.reload(); @@ -185,7 +185,7 @@ function linkPostUnpublish(selector) { $.ajax({ type: "POST", url: publishPostURL, - data: AddAntiForgeryToken({ postID: post_id, publish: false }), + data: { postID: post_id, publish: false }, success: function (html) { if (html.result) { window.location.reload(); @@ -206,7 +206,7 @@ function linkPostPublish(selector) { $.ajax({ type: "POST", url: publishPostURL, - data: AddAntiForgeryToken({postID: post_id, publish: true }), + data: {postID: post_id, publish: true }, success: function (html) { if (html.result) { window.location.reload(); @@ -229,7 +229,7 @@ function linkPostDelete(selector) { $.ajax({ type: "POST", url: deletePostURL, - data: AddAntiForgeryToken({ postID: post_id }), + data: { postID: post_id }, success: function (html) { if (html.result) { window.location.reload(); 
@@ -254,7 +254,7 @@ function linkCommentDelete(selector) { $.ajax({ type: "POST", url: deleteCommentURL, - data: AddAntiForgeryToken({ commentID: post_id }), + data: { commentID: post_id }, success: function (html) { if (html.result) { window.location.reload(); diff --git a/Teknik/Areas/Error/Controllers/ErrorController.cs b/Teknik/Areas/Error/Controllers/ErrorController.cs index 9ce8743..54340e3 100644 --- a/Teknik/Areas/Error/Controllers/ErrorController.cs +++ b/Teknik/Areas/Error/Controllers/ErrorController.cs @@ -29,9 +29,6 @@ namespace Teknik.Areas.Error.Controllers { ViewBag.Title = "Http Exception - " + Config.Title; - if (Response != null) - Response.StatusCode = (exception as HttpException).GetHttpCode(); - ErrorViewModel model = new ErrorViewModel(); model.Description = exception.Message; model.Exception = exception; @@ -45,9 +42,6 @@ namespace Teknik.Areas.Error.Controllers ViewBag.Title = "403 - " + Config.Title; ViewBag.Message = "Access Denied"; - if (Response != null) - Response.StatusCode = 403; - ErrorViewModel model = new ErrorViewModel(); model.Exception = exception; @@ -59,9 +53,6 @@ namespace Teknik.Areas.Error.Controllers { ViewBag.Title = "404 - " + Config.Title; ViewBag.Message = "Uh Oh, can't find it!"; - - if (Response != null) - Response.StatusCode = 404; ErrorViewModel model = new ErrorViewModel(); model.Exception = exception; @@ -75,9 +66,6 @@ namespace Teknik.Areas.Error.Controllers ViewBag.Title = "500 - " + Config.Title; ViewBag.Message = "Something Borked"; - if (Response != null) - Response.StatusCode = 500; - ErrorViewModel model = new ErrorViewModel(); model.Exception = exception; diff --git a/Teknik/Areas/Error/ErrorAreaRegistration.cs b/Teknik/Areas/Error/ErrorAreaRegistration.cs index 7bb37b1..b539904 100644 --- a/Teknik/Areas/Error/ErrorAreaRegistration.cs +++ b/Teknik/Areas/Error/ErrorAreaRegistration.cs 
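Review bot: With the `Response.StatusCode` assignments removed, the Http404, Http403, Http500 and HttpException pages are now served with a 200 status, so browsers, crawlers, caches, scanners and any monitoring keyed on status codes treat a missing, forbidden or failed request as a success. The `ViewBag.Title`/`ViewBag.Message` text does not replace the status line; a 403 body returned as 200 also means log-based alerting or a WAF never sees the denial. If the assignments were removed because IIS was substituting its own error page for the body, keep the code and suppress that instead: `Response.StatusCode = 404; Response.TrySkipIisCustomErrors = true;` (and `(exception as HttpException).GetHttpCode()` for the generic handler). The `Response != null` guard only matters when the controller runs without an HTTP context, so it can return together with the assignment. Note that `model.Exception = exception` still hands the raw exception to the view; whether the view renders its message or stack trace is outside this hunk.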
@@ -17,21 +17,21 @@ namespace Teknik.Areas.Error { context.MapSubdomainRoute( "Error.Http404", // Route name - new List() { "*" }, // Subdomains + new List() { "*", "error" }, // Subdomains "404", // URL with parameters new { controller = "Error", action = "Http404" }, // Parameter defaults new[] { typeof(Controllers.ErrorController).Namespace } ); context.MapSubdomainRoute( "Error.Http403", // Route name - new List() { "*" }, // Subdomains + new List() { "*", "error" }, // Subdomains "403", // URL with parameters new { controller = "Error", action = "Http403" }, // Parameter defaults new[] { typeof(Controllers.ErrorController).Namespace } ); context.MapSubdomainRoute( "Error.Http500", // Route name - new List() { "*" }, // Subdomains + new List() { "*", "error" }, // Subdomains "500", // URL with parameters new { controller = "Error", action = "Http500" }, // Parameter defaults new[] { typeof(Controllers.ErrorController).Namespace } diff --git a/Teknik/Areas/Home/Controllers/HomeController.cs b/Teknik/Areas/Home/Controllers/HomeController.cs index 683212a..c4e736c 100644 --- a/Teknik/Areas/Home/Controllers/HomeController.cs +++ b/Teknik/Areas/Home/Controllers/HomeController.cs 
@@ -23,17 +23,17 @@ namespace Teknik.Areas.Home.Controllers HomeViewModel model = new HomeViewModel(); // Grab the latest site blog posts List lastSite = new List(); - var foundSite = db.BlogPosts.Include("Blog").Include("Blog.User").OrderBy(post => post.DatePosted).Where(p => p.Published && p.System).Take(10); + var foundSite = db.BlogPosts.Include("Blog").Include("Blog.User").OrderByDescending(post => post.DatePosted).Where(p => p.Published && p.System).Take(5); if (foundSite != null) lastSite = foundSite.ToList(); // Grab the latest user blog posts List lastPosts = new List(); - var foundPosts = db.BlogPosts.Include("Blog").Include("Blog.User").OrderBy(post => post.DatePosted).Where(p => p.Published && !p.System).Take(10); + var foundPosts = db.BlogPosts.Include("Blog").Include("Blog.User").OrderByDescending(post => post.DatePosted).Where(p => p.Published && !p.System).Take(5); if (foundPosts != null) lastPosts = foundPosts.ToList(); // Grab the latest podcasts List lastPods = new List(); - var foundPods = db.Podcasts.OrderBy(post => post.DatePosted).Where(p => p.Published).Take(10); + var foundPods = db.Podcasts.OrderByDescending(post => post.DatePosted).Where(p => p.Published).Take(5); if (foundPods != null) lastPods = foundPods.ToList(); diff --git a/Teknik/Areas/Paste/Controllers/PasteController.cs b/Teknik/Areas/Paste/Controllers/PasteController.cs index b065293..b012ebf 100644 --- a/Teknik/Areas/Paste/Controllers/PasteController.cs +++ b/Teknik/Areas/Paste/Controllers/PasteController.cs @@ -102,7 +102,6 @@ namespace Teknik.Areas.Paste.Controllers [HttpPost] [AllowAnonymous] - [ValidateAntiForgeryToken] public ActionResult Paste([Bind(Include = "Content, Title, Syntax, ExpireLength, ExpireUnit, Password, Hide")]PasteCreateViewModel model) { if (ModelState.IsValid) 
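Review bot: In all three rewritten queries the `Where` filter is applied after `OrderByDescending`, and the `if (foundSite != null)` / `foundPosts` / `foundPods` guards that follow are dead: a LINQ-to-Entities query expression is never null, only its materialised list can be empty. Filtering first reads as the query executes and lets the guards go, e.g. `lastSite = db.BlogPosts.Include("Blog").Include("Blog.User").Where(p => p.Published && p.System).OrderByDescending(post => post.DatePosted).Take(5).ToList();`. The literal `5` repeated three times could be one named constant (`const int LatestItemCount = 5;`) so the three panels stay in step. The surrounding action continues past the hunk.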
@@ -130,7 +129,7 @@ namespace Teknik.Areas.Paste.Controllers db.Pastes.Add(paste); db.SaveChanges(); - return Redirect(Url.SubRouteUrl("paste", "Paste.View", new { type = "Full", url = paste.Url, password = model.Password })); + return Redirect(Url.SubRouteUrl("p", "Paste.View", new { type = "Full", url = paste.Url, password = model.Password })); } catch (Exception ex) { diff --git a/Teknik/Areas/Paste/Views/Paste/Index.cshtml b/Teknik/Areas/Paste/Views/Paste/Index.cshtml index fec9792..77a9d7a 100644 --- a/Teknik/Areas/Paste/Views/Paste/Index.cshtml +++ b/Teknik/Areas/Paste/Views/Paste/Index.cshtml @@ -14,7 +14,6 @@
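Review bot: The rewritten redirect still carries the paste password in the query string (`password = model.Password`), so whatever that password protects ends up in the browser history, in proxy and web-server access logs, and in the Referer header of any link clicked from the view page. The commit only swaps the `paste` subdomain for `p`; the secret should not be part of the redirect at all. Since the password was just submitted in this POST, render the view directly or hand it over via TempData or a URL fragment the server never receives, e.g. `return Redirect(Url.SubRouteUrl("p", "Paste.View", new { type = "Full", url = paste.Url }));` with the password supplied client-side. The enclosing try block and action continue outside the hunk.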
- @Html.AntiForgeryToken()
diff --git a/Teknik/Areas/Podcast/Controllers/PodcastController.cs b/Teknik/Areas/Podcast/Controllers/PodcastController.cs index c79d165..5de3909 100644 --- a/Teknik/Areas/Podcast/Controllers/PodcastController.cs +++ b/Teknik/Areas/Podcast/Controllers/PodcastController.cs @@ -156,7 +156,6 @@ namespace Teknik.Areas.Podcast.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult CreatePodcast(int episode, string title, string description) { if (ModelState.IsValid) @@ -223,7 +222,6 @@ namespace Teknik.Areas.Podcast.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult EditPodcast(int podcastId, int episode, string title, string description) { if (ModelState.IsValid) @@ -253,7 +251,6 @@ namespace Teknik.Areas.Podcast.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult PublishPodcast(int podcastId, bool publish) { if (ModelState.IsValid) @@ -278,7 +275,6 @@ namespace Teknik.Areas.Podcast.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult DeletePodcast(int podcastId) { if (ModelState.IsValid) @@ -330,7 +326,6 @@ namespace Teknik.Areas.Podcast.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult CreateComment(int podcastId, string article) { if (ModelState.IsValid) @@ -354,7 +349,6 @@ namespace Teknik.Areas.Podcast.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult EditComment(int commentID, string article) { if (ModelState.IsValid) @@ -378,7 +372,6 @@ namespace Teknik.Areas.Podcast.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult DeleteComment(int commentID) { if (ModelState.IsValid) diff --git a/Teknik/Areas/Podcast/Scripts/Podcast.js b/Teknik/Areas/Podcast/Scripts/Podcast.js index 811e4c0..8537a6f 100644 --- a/Teknik/Areas/Podcast/Scripts/Podcast.js +++ b/Teknik/Areas/Podcast/Scripts/Podcast.js 
@@ -81,7 +81,7 @@ $.ajax({ type: "POST", url: editPodcastURL, - data: AddAntiForgeryToken({ podcastId: podcastId, episode: episode, title: title, description: description }), + data: { podcastId: podcastId, episode: episode, title: title, description: description }, success: function (html) { if (html.result) { window.location.reload(); @@ -102,7 +102,7 @@ $.ajax({ type: "POST", url: addCommentURL, - data: AddAntiForgeryToken({ podcastId: postID, article: post }), + data: { podcastId: postID, article: post }, success: function (html) { if (html.result) { window.location.reload(); @@ -139,7 +139,7 @@ $.ajax({ type: "POST", url: editCommentURL, - data: AddAntiForgeryToken({ commentID: postID, article: post }), + data: { commentID: postID, article: post }, success: function (html) { if (html.result) { window.location.reload(); @@ -211,7 +211,7 @@ function linkPodcastUnpublish(selector) { $.ajax({ type: "POST", url: publishPodcastURL, - data: AddAntiForgeryToken({ podcastId: podcastId, publish: false }), + data: { podcastId: podcastId, publish: false }, success: function (html) { if (html.result) { window.location.reload(); @@ -232,7 +232,7 @@ function linkPodcastPublish(selector) { $.ajax({ type: "POST", url: publishPodcastURL, - data: AddAntiForgeryToken({ podcastId: podcastId, publish: true }), + data: { podcastId: podcastId, publish: true }, success: function (html) { if (html.result) { window.location.reload(); @@ -255,7 +255,7 @@ function linkPodcastDelete(selector) { $.ajax({ type: "POST", url: deletePodcastURL, - data: AddAntiForgeryToken({ podcastId: podcastId }), + data: { podcastId: podcastId }, success: function (html) { if (html.result) { window.location.reload(); @@ -280,7 +280,7 @@ function linkCommentDelete(selector) { $.ajax({ type: "POST", url: deleteCommentURL, - data: AddAntiForgeryToken({ commentID: post_id }), + data: { commentID: post_id }, success: function (html) { if (html.result) { window.location.reload(); 
diff --git a/Teknik/Areas/Profile/Controllers/ProfileController.cs b/Teknik/Areas/Profile/Controllers/ProfileController.cs index 01e9715..206e9d6 100644 --- a/Teknik/Areas/Profile/Controllers/ProfileController.cs +++ b/Teknik/Areas/Profile/Controllers/ProfileController.cs @@ -114,7 +114,6 @@ namespace Teknik.Areas.Profile.Controllers [HttpPost] [AllowAnonymous] - [ValidateAntiForgeryToken] public ActionResult Login(LoginViewModel model) { if (ModelState.IsValid) @@ -138,7 +137,12 @@ namespace Teknik.Areas.Profile.Controllers db.Entry(user).State = EntityState.Modified; db.SaveChanges(); } - FormsAuthentication.SetAuthCookie(model.Username, model.RememberMe); + HttpCookie authcookie = FormsAuthentication.GetAuthCookie(model.Username, model.RememberMe); + authcookie.Domain = string.Format(".{0}", Config.Host); + authcookie.HttpOnly = true; + authcookie.Secure = true; + Response.AppendCookie(authcookie); + if (string.IsNullOrEmpty(model.ReturnUrl)) { return Json(new { result = "true" }); @@ -172,7 +176,6 @@ namespace Teknik.Areas.Profile.Controllers [HttpPost] [AllowAnonymous] - [ValidateAntiForgeryToken] public ActionResult Register(RegisterViewModel model) { if (ModelState.IsValid) @@ -261,7 +264,6 @@ namespace Teknik.Areas.Profile.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult Edit(string curPass, string newPass, string newPassConfirm, string website, string quote, string about, string blogTitle, string blogDesc, bool saveKey, bool serverSideEncrypt) { if (ModelState.IsValid) @@ -332,7 +334,6 @@ namespace Teknik.Areas.Profile.Controllers } [HttpPost] - [ValidateAntiForgeryToken] public ActionResult Delete() { if (ModelState.IsValid) diff --git a/Teknik/Areas/Profile/Scripts/Profile.js b/Teknik/Areas/Profile/Scripts/Profile.js index 790b694..f99a8d4 100644 --- a/Teknik/Areas/Profile/Scripts/Profile.js +++ b/Teknik/Areas/Profile/Scripts/Profile.js 
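Review bot: Two changes in this file compound each other: the auth cookie is now issued for `.{Config.Host}`, so it is sent to every subdomain, while `[ValidateAntiForgeryToken]` is removed from Login, Register, Edit and Delete at the same time. `Delete()` takes no parameters, so after this change a hidden form or script on any third-party page can POST to it and delete the account of a logged-in visitor; Login without a token permits login CSRF, and Edit's profile fields (`website`, `quote`, `about`, `blogTitle`, `blogDesc`) are presumably not gated by `curPass`, which the hunk does not show. Setting `HttpOnly` and `Secure` on the cookie is right but does not bind requests to this site's own pages; restore `[ValidateAntiForgeryToken]` on the four actions, and if validation failed because the anti-forgery cookie was host-scoped, give that cookie the same `.{Config.Host}` domain (e.g. when headers are sent) rather than dropping the check. `authcookie.Secure = true` is hard-coded, so the cookie is never sent over plain HTTP — correct for production, but login will silently fail on an http dev host unless `Config` exposes a switch. Each action body continues past its hunk.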
@@ -8,7 +8,7 @@ $.ajax({ type: "POST", url: deleteUserURL, - data: AddAntiForgeryToken({}), + data: {}, success: function (html) { if (html.result) { window.location.replace(homeUrl); @@ -40,7 +40,7 @@ $.ajax({ type: "POST", url: editUserURL, - data: AddAntiForgeryToken({ + data: { curPass: current_password, newPass: password, newPassConfirm: password_confirm, @@ -51,7 +51,7 @@ blogDesc: blog_desc, saveKey: upload_saveKey, serverSideEncrypt: upload_serverSideEncrypt - }), + }, success: function (html) { if (html.result) { $.unblockUI(); diff --git a/Teknik/Areas/Profile/Views/Profile/Login.cshtml b/Teknik/Areas/Profile/Views/Profile/Login.cshtml index b2722fd..9cf2ecd 100644 --- a/Teknik/Areas/Profile/Views/Profile/Login.cshtml +++ b/Teknik/Areas/Profile/Views/Profile/Login.cshtml @@ -3,7 +3,6 @@ @if (Model.Config.UserConfig.LoginEnabled) { - @Html.AntiForgeryToken()
diff --git a/Teknik/Areas/Profile/Views/Profile/Register.cshtml b/Teknik/Areas/Profile/Views/Profile/Register.cshtml index d677961..75e0aee 100644 --- a/Teknik/Areas/Profile/Views/Profile/Register.cshtml +++ b/Teknik/Areas/Profile/Views/Profile/Register.cshtml @@ -3,7 +3,6 @@ @if (Model.Config.UserConfig.RegistrationEnabled) { - @Html.AntiForgeryToken()
diff --git a/Teknik/Areas/Upload/Controllers/UploadController.cs b/Teknik/Areas/Upload/Controllers/UploadController.cs index 0dbac4d..e6f94db 100644 --- a/Teknik/Areas/Upload/Controllers/UploadController.cs +++ b/Teknik/Areas/Upload/Controllers/UploadController.cs @@ -41,7 +41,6 @@ namespace Teknik.Areas.Upload.Controllers [HttpPost] [AllowAnonymous] - [ValidateAntiForgeryToken] public ActionResult Upload(string fileType, string fileExt, string iv, int keySize, int blockSize, bool encrypt, bool saveKey, HttpPostedFileWrapper data, string key = null) { if (Config.UploadConfig.UploadEnabled) @@ -83,7 +82,7 @@ namespace Teknik.Areas.Upload.Controllers db.SaveChanges(); } } - return Json(new { result = new { name = upload.Url, url = Url.SubRouteUrl("upload", "Upload.Download", new { file = upload.Url }), key = key } }, "text/plain"); + return Json(new { result = new { name = upload.Url, url = Url.SubRouteUrl("u", "Upload.Download", new { file = upload.Url }), key = key } }, "text/plain"); } return Json(new { error = "Unable to upload file" }); } @@ -156,7 +155,6 @@ namespace Teknik.Areas.Upload.Controllers [HttpPost] [AllowAnonymous] - [ValidateAntiForgeryToken] public FileResult DownloadData(string file) { if (Config.UploadConfig.DownloadEnabled) @@ -230,7 +228,6 @@ namespace Teknik.Areas.Upload.Controllers [HttpPost] [AllowAnonymous] - [ValidateAntiForgeryToken] public ActionResult GenerateDeleteKey(string file) { Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault(); @@ -247,7 +244,6 @@ namespace Teknik.Areas.Upload.Controllers [HttpPost] [AllowAnonymous] - [ValidateAntiForgeryToken] public ActionResult SaveFileKey(string file, string key) { Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault(); 
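Review bot: `GenerateDeleteKey`, `SaveFileKey` and `RemoveFileKey` are `[AllowAnonymous]` and, as far as these hunks show, locate the upload by its public `file` URL alone, so the anti-forgery token was the only thing tying a request to this site's own page; with it removed, any page that knows a file id can POST `{ file, key }` from a visitor's browser to overwrite or drop the server-stored key, or obtain a delete key. `DownloadData` likewise becomes a plain cross-site POST. Whether an ownership or key comparison follows the `FirstOrDefault()` is outside the hunks, so this is hedged; if none exists, restore `[ValidateAntiForgeryToken]` under each `[HttpPost]`, or require the existing delete key or a per-upload secret in the body before the lookup is acted on. The action bodies continue past the hunks.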
@@ -263,7 +259,6 @@ namespace Teknik.Areas.Upload.Controllers [HttpPost] [AllowAnonymous] - [ValidateAntiForgeryToken] public ActionResult RemoveFileKey(string file, string key) { Models.Upload upload = db.Uploads.Where(up => up.Url == file).FirstOrDefault(); diff --git a/Teknik/Areas/Upload/Scripts/Upload.js b/Teknik/Areas/Upload/Scripts/Upload.js index 92c69b4..8d318ef 100644 --- a/Teknik/Areas/Upload/Scripts/Upload.js +++ b/Teknik/Areas/Upload/Scripts/Upload.js @@ -11,7 +11,7 @@ function linkSaveKey(selector, uploadID, key, fileID) { $.ajax({ type: "POST", url: saveKeyToServerURL, - data: AddAntiForgeryToken({ file: uploadID, key: key }), + data: { file: uploadID, key: key }, success: function (html) { if (html.result) { $('#key-link-' + fileID).html(''); @@ -33,7 +33,7 @@ function linkRemoveKey(selector, uploadID, key, fileID) { $.ajax({ type: "POST", url: removeKeyFromServerURL, - data: AddAntiForgeryToken({ file: uploadID, key: key }), + data: { file: uploadID, key: key }, success: function (html) { if (html.result) { $('#key-link-' + fileID).html(''); @@ -55,7 +55,7 @@ function linkUploadDelete(selector, uploadID) { $.ajax({ type: "POST", url: generateDeleteKeyURL, - data: AddAntiForgeryToken({ file: uploadID }), + data: { file: uploadID }, success: function (html) { if (html.result) { bootbox.dialog({ diff --git a/Teknik/Areas/Upload/Views/Upload/Index.cshtml b/Teknik/Areas/Upload/Views/Upload/Index.cshtml index 02175a1..b2dbf63 100644 --- a/Teknik/Areas/Upload/Views/Upload/Index.cshtml +++ b/Teknik/Areas/Upload/Views/Upload/Index.cshtml @@ -1,12 +1,14 @@ @model Teknik.Areas.Upload.ViewModels.UploadViewModel +@using Teknik.Helpers +