- Error out if 2 servers have the same tripcode
- Error out if a server has a weak password
- ETag cache
- Server-side hash?
- Log / audit log?
- Prevent directory traversal attacks
- Error handling
- Reverse proxy to other local servers