diff --git a/var/www/common.php b/var/www/common.php
index 8503c5d..41cee20 100644
--- a/var/www/common.php
+++ b/var/www/common.php
@@ -5,7 +5,7 @@ const DBUSER='hosting'; // Database user
 const DBPASS='MY_PASSWORD'; // Database password
 const DBNAME='hosting'; // Database
 const PERSISTENT=true; // Use persistent database conection true/false
-const DBVERSION=12; //database layout version
+const DBVERSION=13; //database layout version
 const CAPTCHA=0; // Captcha difficulty (0=off, 1=simple, 2=moderate, 3=extreme)
 const ADDRESS='dhosting4xxoydyaivckq7tsmtgi4wfs3flpeyitekkmqwu4v4r46syd.onion'; // our own address
 const SERVERS=[ //servers and ports we are running on
@@ -107,6 +107,7 @@ server {
 ';
 const MAX_NUM_USER_DBS = 5; //maximum number of databases a user may have
 const MAX_NUM_USER_ONIONS = 3; //maximum number of onion domains a user may have
+const MAX_NUM_USER_DOMAINS = 3; //maximum number of clearnet domains a user may have
 
 function get_onion_v2($pkey) : string {
 	$keyData = openssl_pkey_get_details($pkey);
@@ -397,6 +398,7 @@ function ed25519_seckey_expand(string $seed) : string {
 
 function rewrite_nginx_config(PDO $db){
 	$nginx='';
+	// onions
 	$stmt=$db->query("SELECT users.system_account, users.php, users.autoindex, onions.onion FROM users INNER JOIN onions ON (onions.user_id=users.id) WHERE onions.enabled IN (1, -2) AND users.id NOT IN (SELECT user_id FROM new_account) AND users.todelete!=1;");
 	while($tmp=$stmt->fetch(PDO::FETCH_ASSOC)){
 		if($tmp['php']>0){
@@ -412,7 +414,6 @@ function rewrite_nginx_config(PDO $db){
 		}
 		$autoindex = $tmp['autoindex'] ? 'on' : 'off';
 		$nginx.="server {
-	listen [::]:80;
 	listen unix:/var/run/nginx/$tmp[system_account];
 	root /home/$tmp[system_account]/www;
 	server_name $tmp[onion].onion *.$tmp[onion].onion;
@@ -426,6 +427,38 @@ function rewrite_nginx_config(PDO $db){
 		try_files \$uri \$uri/ =404;$php_location
 	}
 }
+";
+
+	}
+	// clearnet domains
+	$stmt=$db->query("SELECT users.system_account, users.php, users.autoindex, domains.domain FROM users INNER JOIN domains ON (domains.user_id=users.id) WHERE domains.enabled = 1 AND users.id NOT IN (SELECT user_id FROM new_account) AND users.todelete != 1;");
+	while($tmp=$stmt->fetch(PDO::FETCH_ASSOC)){
+		if($tmp['php']>0){
+			$php_location="
+		location ~ [^/]\.php(/|\$) {
+			include snippets/fastcgi-php.conf;
+			fastcgi_param DOCUMENT_ROOT /www;
+			fastcgi_param SCRIPT_FILENAME /www\$fastcgi_script_name;
+			fastcgi_pass unix:/run/php/$tmp[system_account];
+		}";
+		}else{
+			$php_location='';
+		}
+		$autoindex = $tmp['autoindex'] ? 'on' : 'off';
+		$nginx.="server {
+	listen [::]:80;
+	root /home/$tmp[system_account]/www;
+	server_name $tmp[domain];
+	access_log /var/log/nginx/access_$tmp[system_account].log custom buffer=4k flush=1m;
+	access_log /home/$tmp[system_account]/logs/access.log custom buffer=4k flush=1m;
+	error_log /var/log/nginx/error_$tmp[system_account].log notice;
+	error_log /home/$tmp[system_account]/logs/error.log notice;
+	disable_symlinks on from=/home/$tmp[system_account];
+	autoindex $autoindex;
+	location / {
+		try_files \$uri \$uri/ =404;$php_location
+	}
+}
 ";
 
 	}
@@ -541,6 +574,39 @@ function del_user_onion(PDO $db, int $user_id, string $onion) {
 	}
 }
 
+function add_user_domain(PDO $db, int $user_id, string $domain) : string {
+	$domain = strtolower($domain);
+	if(strlen($domain) > 255){
+		return 'Domain can\'t be longer than 255 characters';
+	}
+	$parts = explode('.', $domain);
+	if(count($parts) < 2){
+		return 'Invalid domain';
+	}
+	foreach($parts as $part){
+		if(!preg_match('/^([0-9a-z][0-9a-z\-]*[0-9a-z]|[0-9a-z])$/', $part)){
+			return 'Invalid domain';
+		}
+	}
+	$stmt = $db->prepare('SELECT null FROM domains WHERE domain = ?;');
+	$stmt->execute([$domain]);
+	if($stmt->fetch()){
+		return 'This domain already exists!';
+	}
+	$stmt = $db->prepare("INSERT INTO domains (user_id, domain, enabled) VALUES (?, ?, 1);");
+	$stmt->execute([$user_id, $domain]);
+	return '';
+}
+
+function del_user_domain(PDO $db, int $user_id, string $domain) {
+	$stmt = $db->prepare('SELECT null FROM domains WHERE user_id = ? AND domain = ? AND enabled IN (0, 1);');
+	$stmt->execute([$user_id, $domain]);
+	if($stmt->fetch()){
+		$stmt = $db->prepare("DELETE FROM domains WHERE user_id = ? AND domain = ?;");
+		$stmt->execute([$user_id, $domain]);
+	}
+}
+
 function check_csrf_error(){
 	if(empty($_POST['csrf_token']) || $_POST['csrf_token'] !== $_SESSION['csrf_token']){
 		return 'Invalid CSRF token, please try again.';
diff --git a/var/www/html/home.php b/var/www/html/home.php
index a5ce448..67c0a35 100644
--- a/var/www/html/home.php
+++ b/var/www/html/home.php
@@ -110,7 +110,46 @@ if(isset($_POST['action']) && $_POST['action']==='del_onion_2' && !empty($_POST[
 	}
 	del_user_onion($db, $user['id'], $_POST['onion']);
 }
-if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action']==='edit'){
+if(isset($_POST['action']) && $_POST['action']==='add_domain' && !empty($_POST['domain'])){
+	if($error=check_csrf_error()){
+		die($error);
+	}
+	$error = add_user_domain($db, $user['id'], $_POST['domain']);
+	if(!empty($error)){
+		$msg = "<p style=\"color:red;\">$error</p>";
+	}else{
+		$stmt=$db->prepare('UPDATE service_instances SET reload = 1 WHERE id = ?');
+		$stmt->execute([substr($user['system_account'], 0, 1)]);
+	}
+}
+if(isset($_POST['action']) && $_POST['action']==='del_domain' && !empty($_POST['domain'])){
+	if($error=check_csrf_error()){
+		die($error);
+	} ?>
+<!DOCTYPE html><html><head>
+<title>Daniel's Hosting - Delete domain</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<meta name="author" content="Daniel Winzen">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+</head><body>
+<p>This will delete your domain <?php echo htmlspecialchars($_POST['domain']); ?> and all data asociated with it. It can't be un-done. Are you sure?</p>
+<form method="post" action="home2.php"><input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
+<input type="hidden" name="domain" value="<?php echo htmlspecialchars($_POST['domain']); ?>">
+<button type="submit" name="action" value="del_domain_2">Yes, delete</button>
+</form>
+<p><a href="home.php">No, don't delete.</a></p>
+</body></html><?php
+exit;
+}
+if(isset($_POST['action']) && $_POST['action']==='del_domain_2' && !empty($_POST['domain'])){
+	if($error=check_csrf_error()){
+		die($error);
+	}
+	del_user_domain($db, $user['id'], $_POST['domain']);
+	$stmt=$db->prepare('UPDATE service_instances SET reload = 1 WHERE id = ?');
+	$stmt->execute([substr($user['system_account'], 0, 1)]);
+}
+if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action']==='edit_onion'){
 	if($error=check_csrf_error()){
 		die($error);
 	}
@@ -139,6 +178,20 @@ if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action'
 		$stmt->execute([substr($_REQUEST['onion'], 0, 1)]);
 	}
 }
+if(isset($_REQUEST['action']) && isset($_POST['domain']) && $_POST['action']==='edit_domain'){
+	if($error=check_csrf_error()){
+		die($error);
+	}
+	$stmt=$db->prepare('SELECT null FROM domains WHERE domain = ? AND user_id = ? AND enabled IN (0, 1);');
+	$stmt->execute([$_POST['domain'], $user['id']]);
+	if($onion=$stmt->fetch(PDO::FETCH_NUM)){
+		$stmt=$db->prepare('UPDATE domains SET enabled = ? WHERE domain = ?;');
+		$enabled = isset($_POST['enabled']) ? 1 : 0;
+		$stmt->execute([$enabled, $_POST['domain']]);
+		$stmt=$db->prepare('UPDATE service_instances SET reload = 1 WHERE id = ?');
+		$stmt->execute([substr($user['system_account'], 0, 1)]);
+	}
+}
 
 header('Content-Type: text/html; charset=UTF-8');
 echo '<!DOCTYPE html><html><head>';
@@ -153,7 +206,7 @@ if(!empty($msg)){
 	echo $msg;
 }
 echo "<p>Enter system account password to check your $user[system_account]@" . ADDRESS . " mail:</td><td><form action=\"squirrelmail/src/redirect.php\" method=\"post\" target=\"_blank\"><input type=\"hidden\" name=\"login_username\" value=\"$user[system_account]\"><input type=\"password\" name=\"secretkey\"><input type=\"submit\" value=\"Login to webmail\"></form></p>";
-echo '<h3>Domains</h3>';
+echo '<h3>Onion domains</h3>';
 echo '<table border="1">';
 echo '<tr><th>Onion</th><th>Private key</th><th>Enabled</th><th>SMTP enabled</th><th>Nr. of intros</th><th>Max streams per rend circuit</th><th>Action</th></tr>';
 $stmt=$db->prepare('SELECT onion, private_key, enabled, enable_smtp, num_intros, max_streams FROM onions WHERE user_id = ?;');
@@ -176,7 +229,7 @@ while($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
 	echo '<td><input type="number" name="num_intros" min="3" max="20" value="'.$onion['num_intros'].'"></td>';
 	echo '<td><input type="number" name="max_streams" min="0" max="65535" value="'.$onion['max_streams'].'"></td>';
 	if(in_array($onion['enabled'], [0, 1])){
-		echo '<td><button type="submit" name="action" value="edit">Save</button>';
+		echo '<td><button type="submit" name="action" value="edit_onion">Save</button>';
 		echo '<button type="submit" name="action" value="del_onion">Delete</button></td>';
 	}else{
 		echo '<td>Unavailable</td>';
@@ -201,6 +254,36 @@ if($count_onions<MAX_NUM_USER_ONIONS){
 	echo '</label></td><td><button type="submit" name="action" value="add_onion">Add onion</button></td></tr></form>';
 }
 echo '</table>';
+echo '<h3>Clearnet domains</h3>';
+echo '<table border="1">';
+echo '<tr><th>Domain</th><th>Enabled</th><th>Action</th></tr>';
+$stmt=$db->prepare('SELECT domain, enabled FROM domains WHERE user_id = ?;');
+$stmt->execute([$user['id']]);
+$count_domains = 0;
+while($domain=$stmt->fetch(PDO::FETCH_ASSOC)){
+	++$count_domains;
+	echo "<form action=\"home2.php\" method=\"post\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\"><input type=\"hidden\" name=\"domain\" value=\"$domain[domain]\"><tr><td><a href=\"https://$domain[domain]\" target=\"_blank\">$domain[domain]</a></td>";
+	echo '<td><label><input type="checkbox" name="enabled" value="1"';
+	echo $domain['enabled'] ? ' checked' : '';
+	echo '>Enabled</label></td>';
+	if(in_array($domain['enabled'], [0, 1])){
+		echo '<td><button type="submit" name="action" value="edit_domain">Save</button>';
+		echo '<button type="submit" name="action" value="del_domain">Delete</button></td>';
+	}else{
+		echo '<td>Unavailable</td>';
+	}
+	echo '</tr></form>';
+}
+if($count_domains<MAX_NUM_USER_DOMAINS){
+	echo "<form action=\"home2.php\" method=\"post\"><input type=\"hidden\" name=\"csrf_token\" value=\"$_SESSION[csrf_token]\">";
+	echo '<tr><td colspan="2">Add additional domain:<br>';
+	echo '<input type="text" name="domain" value="';
+	echo isset($_POST['domain']) ? htmlspecialchars($_POST['domain']) : '';
+	echo '">';
+	echo '</td><td><button type="submit" name="action" value="add_domain">Add domain</button></td></tr></form>';
+}
+echo '</table>';
+echo '<p>To enable your clearnet domain, edit your DNS settings and enter 116.202.17.147 as your A record and 2a01:4f8:c010:d56::1 as your AAAA record. Once you have modified your DNS settings, <a href="https://danwin1210.me/contact.php" target="_blank">contact me</a> to configure the SSL certificate. You may also use any subdomain of danwin1210.me, like yoursite.danwin1210.me</p>';
 echo '<h3>MySQL Database</h3>';
 echo '<table border="1">';
 echo '<tr><th>Database</th><th>Host</th><th>User</th><th>Action</th></tr>';
diff --git a/var/www/setup.php b/var/www/setup.php
index 7a52c6f..88d4ff7 100644
--- a/var/www/setup.php
+++ b/var/www/setup.php
@@ -27,6 +27,7 @@ if(!@$version=$db->query("SELECT value FROM settings WHERE setting='version';"))
 	$db->exec('CREATE TABLE pass_change (user_id int(11) NOT NULL PRIMARY KEY, password varchar(255) COLLATE latin1_bin NOT NULL, CONSTRAINT pass_change_ibfk_1 FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE CASCADE ON UPDATE CASCADE) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_bin;');
 	$db->exec('CREATE TABLE mysql_databases (user_id int(11) NOT NULL, mysql_database varchar(64) COLLATE latin1_bin NOT NULL, KEY user_id (user_id), CONSTRAINT mysql_database_ibfk_1 FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE CASCADE ON UPDATE CASCADE) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_bin;');
 	$db->exec("CREATE TABLE onions (user_id int(11) NULL, onion varchar(56) COLLATE latin1_bin NOT NULL PRIMARY KEY, private_key varchar(1000) COLLATE latin1_bin NOT NULL, version tinyint(1) NOT NULL, enabled tinyint(1) NOT NULL DEFAULT '1', num_intros tinyint(3) NOT NULL DEFAULT '3', enable_smtp tinyint(1) NOT NULL DEFAULT '1', max_streams tinyint(3) unsigned NOT NULL DEFAULT '20', KEY user_id (user_id), KEY enabled (enabled), CONSTRAINT onions_ibfk_1 FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE SET NULL ON UPDATE CASCADE) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_bin;");
+	$db->exec("CREATE TABLE domains (user_id int(11) NULL, domain varchar(255) COLLATE latin1_bin NOT NULL PRIMARY KEY, enabled tinyint(1) NOT NULL DEFAULT '1', KEY user_id (user_id), KEY enabled (enabled), CONSTRAINT domains_ibfk_1 FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE CASCADE ON UPDATE CASCADE) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_bin;");
 	$db->exec("CREATE TABLE service_instances (id char(1) NOT NULL PRIMARY KEY, reload tinyint(1) UNSIGNED NOT NULL DEFAULT '0', KEY reload (reload)) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_bin;");
 	$stmt=$db->prepare('INSERT INTO service_instances (id) VALUES (?);');
 	foreach(SERVICE_INSTANCES as $key){
@@ -138,6 +139,9 @@ if(!@$version=$db->query("SELECT value FROM settings WHERE setting='version';"))
 			}
 		}
 	}
+	if($version<13){
+		$db->exec("CREATE TABLE domains (user_id int(11) NULL, domain varchar(255) COLLATE latin1_bin NOT NULL PRIMARY KEY, enabled tinyint(1) NOT NULL DEFAULT '1', KEY user_id (user_id), KEY enabled (enabled), CONSTRAINT domains_ibfk_1 FOREIGN KEY (user_id) REFERENCES users (id) ON DELETE CASCADE ON UPDATE CASCADE) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_bin;");
+	}
 	$stmt=$db->prepare("UPDATE settings SET value=? WHERE setting='version';");
 	$stmt->execute([DBVERSION]);
 }