diff --git a/.idea/inspectionProfiles/Project_Default.xml b/.idea/inspectionProfiles/Project_Default.xml
new file mode 100644
index 0000000..52a93e4
--- /dev/null
+++ b/.idea/inspectionProfiles/Project_Default.xml
@@ -0,0 +1,17 @@
+<component name="InspectionProjectProfileManager">
+  <profile version="1.0">
+    <option name="myName" value="Project Default" />
+    <inspection_tool class="PyPackageRequirementsInspection" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="ignoredPackages">
+        <value>
+          <list size="4">
+            <item index="0" class="java.lang.String" itemvalue="django-compressor-develop" />
+            <item index="1" class="java.lang.String" itemvalue="django-recaptcha-develop" />
+            <item index="2" class="java.lang.String" itemvalue="django-robokassa" />
+            <item index="3" class="java.lang.String" itemvalue="python-dateutil" />
+          </list>
+        </value>
+      </option>
+    </inspection_tool>
+  </profile>
+</component>
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
new file mode 100644
index 0000000..94a25f7
--- /dev/null
+++ b/.idea/vcs.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$" vcs="Git" />
+  </component>
+</project>
\ No newline at end of file
diff --git a/configs/nginx.conf b/configs/nginx.conf
index 2eb954b..aec4646 100644
--- a/configs/nginx.conf
+++ b/configs/nginx.conf
@@ -1,5 +1,4 @@
 server {
-  listen 80;
   server_name drop.bakatrouble.pw;
 
   location /_ {
@@ -10,10 +9,22 @@ server {
     include             uwsgi_params;
     uwsgi_pass          unix:///tmp/drop.sock;
   }
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/bakatrouble.pw/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/bakatrouble.pw/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+
+
+    if ($scheme != "https") {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+
 }
 
 server {
-  listen 80;
   server_name ~^(?<dir>.*)\.drop\.bakatrouble\.pw$;
 
   location /_ {
@@ -24,4 +35,31 @@ server {
     include             uwsgi_params;
     uwsgi_pass          unix:///tmp/drop.sock;
   }
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/bakatrouble.pw/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/bakatrouble.pw/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+
+
+    if ($scheme != "https") {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+}
+server {
+    if ($host = drop.bakatrouble.pw) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+    if ($host ~ ^(?<dir>.*)\.drop\.bakatrouble\.pw$) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+  listen 80;
+  server_name drop.bakatrouble.pw ~^(?<dir>.*)\.drop\.bakatrouble\.pw$;
+    return 404; # managed by Certbot
+
+
 }