diff --git a/README.md b/README.md
index bdf1a33..2f2c505 100644
--- a/README.md
+++ b/README.md
@@ -95,7 +95,7 @@ ln -s /etc/systemd/system/hosting.timer /etc/systemd/system/multi-user.target.wa
 Add empty directories that should be copied when creating a new user and set permissions correctly:
 ```
 mkdir /var/www/skel/data /var/www/skel/Maildir /var/www/skel/tmp
-chmod 700 /var/www/skel/data /var/www/skel/Maildir /var/www/skel/tmp /var/www/skel/www
+chmod 750 /var/www/skel/data /var/www/skel/Maildir /var/www/skel/tmp /var/www/skel/www
 ```
 Live demo:
diff --git a/var/www/html/login.php b/var/www/html/login.php
index 55462e0..3e53b6f 100644
--- a/var/www/html/login.php
+++ b/var/www/html/login.php
@@ -12,6 +12,7 @@ if(!empty($_SESSION['hosting_username'])){
 exit;
 }
 $msg='';
+$username='';
 if($_SERVER['REQUEST_METHOD']==='POST'){
 $ok=true;
 if(CAPTCHA){
@@ -49,20 +50,25 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
 $stmt=$db->prepare('SELECT username, password FROM users WHERE onion=?;');
 $stmt->execute([$match[1]]);
 $tmp=$stmt->fetch(PDO::FETCH_NUM);
- }
+ }
 if($tmp){
 if(!isset($_POST['pass']) || !password_verify($_POST['pass'], $tmp[1])){
 $msg.='

Error, wrong password.

';
+ $ok=false;
 }else{
- $_SESSION['hosting_username']=$tmp[0];
- session_write_close();
- header('Location: home.php');
- exit;
+ $username=$tmp[0];
 }
 }else{
 $msg.='

Error, username was not found. If you forgot it, you can enter youraccount.onion instead.

';
+ $ok=false;
 }
 }
+ if($ok){
+ $_SESSION['hosting_username']=$username;
+ session_write_close();
+ header('Location: home.php');
+ exit;
+ }
 }
 echo '';
 echo 'Daniel\'s Hosting - Login';
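Review bot: The new `if($ok){` block at the end of this hunk stores the authenticated name in `$_SESSION['hosting_username']` without rotating the session ID, so an identifier issued before login stays valid for the authenticated session; unless that already happens outside the hunk, add `session_regenerate_id(true);` directly before the assignment. The block also relies on every failure path having cleared `$ok`, while `$username` now starts as `''`; testing `if($ok && $username!=='')` would fail closed if any path, for instance in the code between the two hunks that is not visible here, leaves `$ok` true without a successful lookup. The enclosing `if($_SERVER['REQUEST_METHOD']==='POST'){` block starts before this hunk.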