diff --git a/files/lighttpd-grav.conf b/files/lighttpd-grav.conf
index 9ba7b23..93f48f3 100644
--- a/files/lighttpd-grav.conf
+++ b/files/lighttpd-grav.conf
@@ -1,39 +1,40 @@
-##PREVENTING EXPLOITS
-#$HTTP["querystring"] =~ "base64_encode[^(]*\([^)]*\)" {
-# url.redirect = (".*" => "/index.php" )
-#}
-#$HTTP["querystring"] =~ "(<|%3C)([^s]*s)+cript.*(>|%3E)" {
-# url.redirect = (".*" => "/index.php" )
-#}
-#$HTTP["querystring"] =~ "GLOBALS(=|\[|\%[0-9A-Z])" {
-# url.redirect = (".*" => "/index.php" )
-#}
-#$HTTP["querystring"] =~ "_REQUEST(=|\[|\%[0-9A-Z])" {
-# url.redirect = (".*" => "/index.php" )
-#}
+server.modules += ( "mod_redirect" )
+
+#PREVENTING EXPLOITS
+$HTTP["querystring"] =~ "base64_encode[^(]*\([^)]*\)" {
+ url.redirect = (".*" => "/index.php" )
+}
+$HTTP["querystring"] =~ "(<|%3C)([^s]*s)+cript.*(>|%3E)" {
+ url.redirect = (".*" => "/index.php" )
+}
+$HTTP["querystring"] =~ "GLOBALS(=|\[|\%[0-9A-Z])" {
+ url.redirect = (".*" => "/index.php" )
+}
+$HTTP["querystring"] =~ "_REQUEST(=|\[|\%[0-9A-Z])" {
+ url.redirect = (".*" => "/index.php" )
+}
 #REROUTING TO THE INDEX PAGE
 url.rewrite-if-not-file = (
- "^/(.*)$" => "/index.php/$1"
+ "^/(.*)$" => "/index.php?$1"
 )
-##IMPROVING SECURITY
-#$HTTP["url"] =~ "^/(LICENSE.txt|composer.json|composer.lock|nginx.conf|web.config)$" {
-# url.access-deny = ("")
-#}
-#$HTTP["url"] =~ "^/(.git|cache|bin|logs|backup|tests)/(.*)" {
-# url.access-deny = ("")
-#}
-#$HTTP["url"] =~ "^/(system|user|vendor)/(.*)\.(txt|md|html|yaml|php|twig|sh|bat)$" {
-# url.access-deny = ("")
-#}
-#$HTTP["url"] =~ "^/(\.(.*))" {
-# url.access-deny = ("")
-#}
-#url.access-deny = (".md","~",".inc")
+#IMPROVING SECURITY
+$HTTP["url"] =~ "^/(LICENSE\.txt|composer\.json|composer\.lock|nginx\.conf|web\.config)$" {
+ url.access-deny = ("")
+}
+$HTTP["url"] =~ "^/(\.git|cache|bin|logs|backup|tests)/(.*)" {
+ url.access-deny = ("")
+}
+$HTTP["url"] =~ "^/(system|user|vendor)/(.*)\.(txt|md|html|htm|shtml|shtm|json|yaml|yml|php|php2|php3|php4|php5|phar|phtml|twig|sh|bat)$" {
+ url.access-deny = ("")
+}
+$HTTP["url"] =~ "^/(\.(.*))" {
+ url.access-deny = ("")
+}
+url.access-deny += (".md","~",".inc")
 #PREVENT BROWSING AND SET INDEXES
-$HTTP["url"] =~ "^/($|/)" {
- dir-listing.activate = "disable"
+$HTTP["url"] =~ "^/grav_path($|/)" {
 index-file.names = ( "index.php", "index.html" , "index.htm" )
 }
diff --git a/files/lighttpd-php-cgi.conf b/files/lighttpd-php-cgi.conf
index 0da143b..a7b797c 100644
--- a/files/lighttpd-php-cgi.conf
+++ b/files/lighttpd-php-cgi.conf
@@ -3,7 +3,7 @@ fastcgi.server = (
 ".php" => (
 "localhost" => (
 "socket" => "/run/lighttpd/lighttpd-fastcgi-php-" + PID + ".socket",
- "bin-path" => "/usr/bin/php-cgi"
+ "bin-path" => "/usr/bin/php-cgi82"
 )
 )
 )
diff --git a/files/update-grav b/files/update-grav
new file mode 100644
index 0000000..829f832
--- /dev/null
+++ b/files/update-grav
@@ -0,0 +1,7 @@
+#!/bin/ash
+
+HTDOC="/var/www/localhost/htdocs"
+
+cd $HTDOC
+sudo -u lighttpd ./bin/gpm selfupgrade -q -n -y
+sudo -u lighttpd ./bin/gpm update -q -n -y
diff --git a/tasks/main.yml b/tasks/main.yml
index 8fb27f9..695149d 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,17 +1,19 @@
 ---
 - name: install packages
- apk: "name={{ item }} state=latest"
- with_items: "{{ install_packages }}"
+ apk:
+ name: "{{ install_packages }}"
+ state: latest
+# with_items: "{{ install_packages }}"
 - name: symlink /usr/bin/php
 file:
- src: /usr/bin/php7
+ src: /usr/bin/php82
 dest: /usr/bin/php
 state: link
 - name: download grav
 get_url:
- url: https://getgrav.org/download/core/grav-admin/1.7.12
+ url: https://getgrav.org/download/core/grav-admin/1.7.48
 dest: /var/www/localhost/grav-cms.zip
 - name: extract grav
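Review bot: The index/listing block at the end of the hunk is now conditioned on `^/grav_path($|/)`, which reads like an unreplaced placeholder from Grav's sample config; with Grav served from the document root (the new update-grav script points at `/var/www/localhost/htdocs`) that condition never matches, so `index-file.names` is never applied, and the commit also drops the explicit `dir-listing.activate = "disable"` that used to sit inside it. Unless the path is templated elsewhere, I would keep `$HTTP["url"] =~ "^/($|/)" {` and restore `dir-listing.activate = "disable"` as the first line of the block. Separately, lighttpd matches rewrite patterns against path plus query string, so `"^/(.*)$" => "/index.php?$1"` folds an incoming query into the new one (`/a?b=1` becomes `/index.php?a?b=1`); please confirm Grav still routes and parses `$_GET` correctly with that, since the previous `/index.php/$1` form kept them separate. The querystring blocklist regexes are case-sensitive (`%3c` or `SCRIPT` slip past `%3C` and `cript`), so they should be treated as defense-in-depth rather than a security control.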
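Review bot: `cd $HTDOC` in update-grav is unchecked and unquoted, so if the directory is missing or renamed the two `gpm` invocations run from whatever working directory crond hands the script; use `cd "$HTDOC" || exit 1` (or `set -e` right after the shebang). The script also performs an unattended daily `selfupgrade` and `update` from the network with `-y`, which pulls new Grav core and plugin code into the served tree without review; if that is the intent, a header comment stating it and capturing the output to a log instead of silencing it with `-q` would let an incident responder reconstruct what changed and when. The `sudo -u lighttpd` calls presumably rely on the job running as root (the copy task installs it root:root 0750 under `/etc/periodic/daily`), which is worth a one-line comment as well.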
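Review bot: The `get_url` task now fetches grav-admin 1.7.48 but still carries no `checksum:`, so the zip that is unpacked into the web root is trusted solely on TLS to getgrav.org; adding `checksum: "sha256:<digest published for that release>"` alongside the pinned URL makes the version bump verifiable and lets Ansible skip the download when unchanged. `state: latest` on the `apk` task means the PHP stack silently changes on every run, which makes the role non-idempotent and hard to audit; `state: present` is the usual choice when upgrades are handled separately, as the new daily script suggests they are. The commented-out `# with_items:` line is dead now that `apk` receives the list directly and can be dropped.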
@@ -49,15 +51,13 @@
 src: lighttpd-php-cgi.conf
 dest: /etc/lighttpd/php-cgi.conf
-- name: add php-cgi.conf to lighttpd config
- lineinfile:
- path: /etc/lighttpd/lighttpd.conf
- line: 'include "php-cgi.conf"'
-
-- name: add grav.conf to lighttpd config
- lineinfile:
- path: /etc/lighttpd/lighttpd.conf
- line: 'include "grav.conf"'
+- name: add update scripts
+ copy:
+ src: update-grav
+ dest: /etc/periodic/daily/update-grav
+ owner: root
+ group: root
+ mode: 0750
 - name: restart lighttpd
 service:
diff --git a/vars/main.yml b/vars/main.yml
index 461e9eb..b6b403c 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,21 +1,23 @@
 ---
 install_packages:
 - unzip
- - php7
- - php7-cgi
- - php7-dom
- - php7-gd
- - php7-curl
- - php7-openssl
- - php7-zip
- - php7-xml
- - php7-apcu
- - php7-opcache
- - php7-ctype
- - php7-json
- - php7-phar
- - php7-mbstring
- - php7-session
 - yaml
- - php7-simplexml
- - php7-pecl-redis
+ - sudo
+ - php82
+ - php82-apcu
+ - php82-cgi
+ - php82-curl
+ - php82-ctype
+ - php82-dom
+ - php82-gd
+ - php82-intl
+ - php82-json
+ - php82-mbstring
+ - php82-opcache
+ - php82-openssl
+ - php82-pecl-redis
+ - php82-phar
+ - php82-session
+ - php82-simplexml
+ - php82-xml
+ - php82-zip
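Review bot: The two `lineinfile` tasks that appended `include "php-cgi.conf"` and `include "grav.conf"` to `/etc/lighttpd/lighttpd.conf` are removed, yet the context lines at the top of the hunk still copy `lighttpd-php-cgi.conf` to `/etc/lighttpd/php-cgi.conf` and nothing in this diff includes either file; unless a task outside the hunk does so, lighttpd will start without the FastCGI handler and without the `url.access-deny` hardening in grav.conf, and it will fail quietly rather than loudly. If the includes were dropped deliberately, the commit message should say where they moved; otherwise keep the two tasks with `line: 'include "php-cgi.conf"'` and `line: 'include "grav.conf"'`. The copy task whose `src:`/`dest:` lines open this hunk starts outside it, so I could not check whether it carries a `notify` for the restart handler.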