- Error out if 2 servers have the same tripcode
- Error out if a server has a weak password
- ETag cache
- Server-side hash?
- Log / audit log?

- Prevent directory traversal attacks
- Error handling

- Reverse proxy to other local servers