diff --git a/banlist.lol b/banlist.lol
new file mode 100644
index 0000000..e69de29
diff --git a/config.py b/config.py
index f10c2a1..2fa2043 100644
--- a/config.py
+++ b/config.py
@@ -1,4 +1,4 @@
-name="debweb 1.2.2"
+name="debweb 1.2.3"
proxied=False
addr="localhost"
diff --git a/html/403.html b/html/403.html
index cee9707..e511630 100644
--- a/html/403.html
+++ b/html/403.html
@@ -1,7 +1,7 @@
-
404 Forbidden
+403 Forbidden
-404 Forbidden
+403 Forbidden
debweb
diff --git a/main.py b/main.py
index 7397789..d29ceff 100644
--- a/main.py
+++ b/main.py
@@ -77,7 +77,6 @@ class WebServer:
if real_addr and config.proxied:
addr = (real_addr, addr[1])
-
request = data.split("\n")[0]
parts = request.split()
if len(parts) < 2: return
@@ -86,7 +85,7 @@ class WebServer:
file_name = path[1:] if path.startswith('/') else path
file_path = os.path.abspath(os.path.join(config.directory, file_name))
- if not file_path.startswith(os.path.abspath(config.directory)):
+ if not file_path.startswith(os.path.abspath(config.directory)): # directory traversal
await self.log(config.err_msgs[418], addr, file_path)
file_size = os.path.getsize(config.err_files[418])
await self.send_headers(writer, 418, file_size)
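Review bot: The check now labelled `# directory traversal` is a plain string-prefix test, so it does not stop at a path boundary. A resolved path in a sibling directory whose name starts with the same characters as `config.directory` still passes (constructed example: root `/srv/www`, resolved path `/srv/www-old/x`). Comparing whole path components closes that gap: `root = os.path.realpath(config.directory)` followed by `if os.path.commonpath([root, os.path.realpath(file_path)]) != root:`. `realpath` also resolves symlinks inside the served directory, which `abspath` does not. The body of this branch continues into the next hunk.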
@@ -95,6 +94,17 @@ class WebServer:
writer.close()
await writer.wait_closed()
return
+
+
+ if addr[0] in utils.get_banlist(): # banlist for pidors
+ await self.log(config.err_msgs[403], addr, file_path)
+ file_size = os.path.getsize(config.err_files[403])
+ await self.send_headers(writer, 403, file_size)
+ await self.send_file(writer, config.err_files[403], file_size)
+
+ writer.close()
+ await writer.wait_closed()
+ return
if os.path.isfile(file_path):
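Review bot: The new `if addr[0] in utils.get_banlist():` check sits after path resolution and after the traversal branch, so a banned address still has its request parsed and can still be answered with the 418 page. Moving the check to just after `addr` is finalised would reject such clients before any path handling. When `config.proxied` is set, `addr[0]` is `real_addr`, whose origin is outside this hunk. If it comes from a request header, the ban is only dependable when the server cannot be reached except through the proxy, which deserves a comment here. The call also re-reads `banlist.lol` on every request, so caching the parsed list would be cheaper. The handler starts and ends outside the hunk.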
diff --git a/utils.py b/utils.py
index ba6b0bf..a2ba424 100644
--- a/utils.py
+++ b/utils.py
@@ -10,4 +10,8 @@ def get_mod_time(path: str, format: str="%a %b %e %H:%M:%S %Z %Y") -> str:
def get_create_time(path: str, format: str="%a %b %e %H:%M:%S %Z %Y") -> str:
create_time = os.path.getctime(path)
create_datetime = datetime.datetime.fromtimestamp(create_time)
- return create_datetime.strftime(format)
\ No newline at end of file
+ return create_datetime.strftime(format)
+
+
+def get_banlist() -> list:
+ return list(set(open("banlist.lol").readlines()))
\ No newline at end of file
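Review bot: `get_banlist()` returns the raw output of `readlines()`, so every entry except possibly the last keeps its trailing `\n` and never equals the bare address that `main.py` tests with `addr[0] in utils.get_banlist()`. As written, the ban silently matches nothing for those lines. Stripping each line and skipping blanks fixes it, and a `with` block closes the file handle that is currently leaked on every call: `with open("banlist.lol") as f:` then `return [line.strip() for line in f if line.strip()]`. The relative path is resolved against the process working directory, so the list is only found when the server is started from the repository root. Building the path from a configured directory would avoid an unhandled `FileNotFoundError` during request handling.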