diff --git a/README.md b/README.md
index d964228..8543c8f 100644
--- a/README.md
+++ b/README.md
@@ -197,11 +197,10 @@ Default value : system, exec, shell_exec, passthru, phpinfo, show_source, highli
 List of PHP functions blacklisted. They can't be used anywhere in PHP code.
 ## TODO
-- Block country alternative as maxmind db
 - Test with default wordpress install
 - Test with custom confs reverse proxy
-- Edit CONTENT_SECURITY_POLICY default value ?
-- Custom TLS certificates
 - Documentation
-- Certificate Transparency
+- Fail2Ban
+- Custom TLS certificates
 - HSTS preload
+- Web UI
diff --git a/confs/disable-default-server.conf b/confs/disable-default-server.conf
index ede9fa8..104794d 100644
--- a/confs/disable-default-server.conf
+++ b/confs/disable-default-server.conf
@@ -1,4 +1,3 @@
-server {
- listen 0.0.0.0:80 default_server;
+if ($host !~ ^(%SERVER_NAME%)$) {
 return 444;
 }
diff --git a/confs/nginx.conf b/confs/nginx.conf
index 84c3c56..f9e708e 100644
--- a/confs/nginx.conf
+++ b/confs/nginx.conf
@@ -67,15 +67,12 @@ http {
 # server config
 include /etc/nginx/server.conf;
- # disable default server
- %DISABLE_DEFAULT_SERVER%
-
- # check if country is blocked
+ # list of blocked country
 %BLOCK_COUNTRY%
- # check if user agent is blocked
+ # list of blocker user agents
 %BLOCK_USER_AGENT%
- # enable ModSecurity
+ # enable/disable ModSecurity
 %USE_MODSECURITY%
 }
diff --git a/confs/server.conf b/confs/server.conf
index 3addb98..d038e50 100644
--- a/confs/server.conf
+++ b/confs/server.conf
@@ -3,6 +3,7 @@ server {
 %AUTO_LETS_ENCRYPT%
 %REDIRECT_HTTP_TO_HTTPS%
 server_name %SERVER_NAME%;
+ %DISABLE_DEFAULT_SERVER%
 %SERVE_FILES%
 if ($request_method !~ ^(%ALLOWED_METHODS%)$) {
diff --git a/entrypoint.sh b/entrypoint.sh
index adccf77..a1ab050 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
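Review bot: The pattern on the new `if ($host !~ ^(%SERVER_NAME%)$)` line is built from the raw server names, so every `.` in a name is a regex wildcard (`example.com` also admits a Host of `exampleXcom`), and a wildcard name such as `*.example.com` would most likely be rejected as an invalid pattern when nginx loads the config; the removed `default_server` catch-all had neither problem. The escaping belongs in entrypoint.sh where `SERVER_NAME_PIPE` is assembled, see that hunk. With the dedicated `default_server` block gone, nginx falls back to the first `server` on the port as the default, which is presumably the block that now includes this file; should another server block ever be declared ahead of it, requests with unknown Host values would stop reaching this check. A comment on the `if` line stating that dependency would help, e.g. `# only effective while the enclosing server block is the default server for its listen port`.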
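Review bot: The new comment `# list of blocker user agents` in nginx.conf has a typo; it should read `# list of blocked user agents`, and for consistency `# list of blocked country` should be `# list of blocked countries`. The `http {}` block these lines sit in starts and ends outside the hunk.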
@@ -149,9 +149,11 @@ else
 replace_in_file "/etc/nginx/server.conf" "%FEATURE_POLICY%" ""
 fi
 if [ "$DISABLE_DEFAULT_SERVER" = "yes" ] ; then
- replace_in_file "/etc/nginx/nginx.conf" "%DISABLE_DEFAULT_SERVER%" "include /etc/nginx/disable-default-server.conf;"
+ replace_in_file "/etc/nginx/server.conf" "%DISABLE_DEFAULT_SERVER%" "include /etc/nginx/disable-default-server.conf;"
+ SERVER_NAME_PIPE=$(echo $SERVER_NAME | sed "s/ /|/g")
+ replace_in_file "/etc/nginx/disable-default-server.conf" "%SERVER_NAME%" "$SERVER_NAME_PIPE"
 else
- replace_in_file "/etc/nginx/nginx.conf" "%DISABLE_DEFAULT_SERVER%" ""
+ replace_in_file "/etc/nginx/server.conf" "%DISABLE_DEFAULT_SERVER%" ""
 fi
 replace_in_file "/etc/nginx/server.conf" "%SERVER_NAME%" "$SERVER_NAME"
 replace_in_file "/etc/nginx/server.conf" "%ALLOWED_METHODS%" "$ALLOWED_METHODS"
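Review bot: The added line `SERVER_NAME_PIPE=$(echo $SERVER_NAME | sed "s/ /|/g")` leaves `$SERVER_NAME` unquoted, so the shell word-splits and glob-expands it before `echo` runs (a value containing `*` or `?` can be replaced by file names from the current directory), and the sed only joins the names with `|` without escaping regex metacharacters, so each `.` in the `^(...)$` pattern that ends up in disable-default-server.conf matches any character. Suggest `SERVER_NAME_PIPE=$(printf '%s' "$SERVER_NAME" | sed 's/\./\\./g; s/ /|/g')`, which also makes repeated spaces visible as empty alternatives rather than hiding them. Whether `replace_in_file` treats `\` or `|` specially in its replacement argument cannot be seen here, as the function is defined outside the hunk; confirm it passes the escaped value through unchanged, otherwise the backslashes are lost again at that step.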