diff --git a/files/classes/user.py b/files/classes/user.py index 7913f0b412..6f252f590b 100644 --- a/files/classes/user.py +++ b/files/classes/user.py @@ -190,6 +190,7 @@ class User(Base): elif self.patron == 4: discount = 0.75 elif self.patron == 5: discount = 0.70 elif self.patron == 6: discount = 0.65 + elif self.patron == 7: discount = 0.60 else: discount = 1 for badge in [69,70,71,72,73]: diff --git a/files/mail/__init__.py b/files/mail/__init__.py index e733264182..fba1477ede 100644 --- a/files/mail/__init__.py +++ b/files/mail/__init__.py @@ -41,6 +41,7 @@ def send_verification_email(user, email=None): @app.post("/verify_email") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def api_verify_email(v): diff --git a/files/routes/admin.py b/files/routes/admin.py index d1c2f58584..79992fcc3c 100644 --- a/files/routes/admin.py +++ b/files/routes/admin.py @@ -710,11 +710,7 @@ def users_list(v): try: page = int(request.values.get("page", 1)) except: page = 1 - users = g.db.query(User).filter_by(is_banned=0 - ).order_by(User.created_utc.desc() - ).offset(25 * (page - 1)).limit(26) - - users = [x for x in users] + users = g.db.query(User).order_by(User.id.desc()).offset(25 * (page - 1)).limit(26).all() next_exists = (len(users) > 25) users = users[:25] 
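Review bot: The second `@limiter.limit` added above `api_verify_email` builds its bucket key from `request.host` and `session.get("lo_user")`, both read before `@auth_required` has run, so every request without that session key falls into one shared `<host>-None` bucket and a client-supplied header becomes part of the key. If any client authenticates without a cookie session (the OAuth and API-key routes in this commit suggest that may be possible), those clients would throttle each other. If the deployment does not pin the accepted Host values, the per-user limit can also be sidestepped. Consider one named helper that uses a server-side site constant and falls back to the remote address when `lo_user` is absent, e.g. `key_func=per_user_key` returning `f'{SITE}-{session.get("lo_user") or get_remote_address()}'` (`per_user_key` and `SITE` are placeholder names). The same lambda is repeated on every decorated route in this commit (awards, chat, comments, login, oauth, posts, reporting, settings, static, subs, users, votes), so a shared helper would also remove the duplication.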
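Review bot: In `users_list`, `page` comes from the request and is only coerced with `int()`, so `page=0` or a negative value reaches `.offset(25 * (page - 1))` as a negative offset, which the database will most likely reject and surface as a 500. Clamp it after parsing with `page = max(1, page)`, and narrow the bare `except:` to `except ValueError:` so unrelated errors are not swallowed. The rewritten query also drops the `is_banned=0` filter, so banned accounts now appear in this listing; if that is intended, a one-line comment saying so would help the next reader. The function starts before and continues after the hunk.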
@@ -726,6 +722,30 @@ def users_list(v): page=page, ) + +@app.get("/badge_owners/") +@auth_required +def bid_list(v, bid): + + try: bid = int(bid) + except: abort(400) + + try: page = int(request.values.get("page", 1)) + except: page = 1 + + users = g.db.query(User).join(Badge, Badge.user_id == User.id).filter(Badge.badge_id==bid).offset(25 * (page - 1)).limit(26).all() + + next_exists = (len(users) > 25) + users = users[:25] + + return render_template("admin/new_users.html", + v=v, + users=users, + next_exists=next_exists, + page=page, + ) + + @app.get("/admin/alt_votes") @admin_level_required(2) def alt_votes_get(v): diff --git a/files/routes/awards.py b/files/routes/awards.py index 449f850ee9..ff900ea10f 100644 --- a/files/routes/awards.py +++ b/files/routes/awards.py @@ -121,6 +121,7 @@ def buy(v, award): @app.post("/award_post/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def award_post(pid, v): if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500 @@ -360,6 +361,7 @@ def award_post(pid, v): @app.post("/award_comment/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def award_comment(cid, v): if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500 diff --git a/files/routes/chat.py b/files/routes/chat.py index d33886e6fa..c74fbc9046 100644 --- a/files/routes/chat.py +++ b/files/routes/chat.py @@ -35,6 +35,7 @@ def chatjs(): @socketio.on('speak') @limiter.limit("3/second;10/minute") +@limiter.limit("3/second;10/minute", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def speak(data, v): if v.is_banned: return '', 403 
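Review bot: `bid_list` is guarded only by `@auth_required` yet renders `admin/new_users.html`, while the next view in the file, `alt_votes_get`, uses `@admin_level_required(2)`. Whether ordinary logged-in users should see what that admin template shows for each account cannot be told from the hunk; confirm it or give the route the stricter decorator. The query paginates with `.offset(...).limit(26)` but has no `order_by`, so page contents are not stable between requests; add `.order_by(User.id.desc())` as `users_list` now does. `page` should be clamped with `page = max(1, page)` so a zero or negative value does not become a negative offset, and both bare `except:` clauses should be narrowed to `except ValueError:`.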
diff --git a/files/routes/comments.py b/files/routes/comments.py index 145a6af0f2..8a726566b3 100644 --- a/files/routes/comments.py +++ b/files/routes/comments.py @@ -160,6 +160,7 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None): @app.post("/comment") @limiter.limit("1/second;20/minute;200/hour;1000/day") +@limiter.limit("1/second;20/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def api_comment(v): if v.is_suspended: return {"error": "You can't perform this action while banned."}, 403 @@ -667,6 +668,7 @@ def api_comment(v): @app.post("/edit_comment/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def edit_comment(cid, v): @@ -842,6 +844,7 @@ def edit_comment(cid, v): @app.post("/delete/comment/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def delete_comment(cid, v): @@ -863,6 +866,7 @@ def delete_comment(cid, v): @app.post("/undelete/comment/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def undelete_comment(cid, v): @@ -969,6 +973,7 @@ def mod_unpin(cid, v): @app.post("/save_comment/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def save_comment(cid, v): 
@@ -986,6 +991,7 @@ def save_comment(cid, v): @app.post("/unsave_comment/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def unsave_comment(cid, v): @@ -1001,6 +1007,7 @@ def unsave_comment(cid, v): @app.post("/blackjack/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def handle_blackjack_action(cid, v): comment = get_comment(cid) @@ -1041,6 +1048,7 @@ def diff_words(answer, guess): @app.post("/wordle/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def handle_wordle_action(cid, v): diff --git a/files/routes/login.py b/files/routes/login.py index 1c3d298c60..a89da564e3 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -169,6 +169,7 @@ def me(v): @app.post("/logout") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def logout(v): diff --git a/files/routes/oauth.py b/files/routes/oauth.py index 028ba8c6fc..0a5d811e02 100644 --- a/files/routes/oauth.py +++ b/files/routes/oauth.py @@ -18,6 +18,7 @@ def authorize_prompt(v): @app.post("/authorize") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def authorize(v): 
@@ -40,6 +41,7 @@ def authorize(v): @app.post("/api_keys") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def request_api_keys(v): @@ -81,6 +83,7 @@ def request_api_keys(v): @app.post("/delete_app/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def delete_oauth_app(v, aid): @@ -101,6 +104,7 @@ def delete_oauth_app(v, aid): @app.post("/edit_app/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def edit_oauth_app(v, aid): @@ -264,6 +268,7 @@ def admin_apps_list(v): @app.post("/oauth/reroll/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def reroll_oauth_tokens(aid, v): diff --git a/files/routes/posts.py b/files/routes/posts.py index ae8e681d78..f0bb44947a 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -56,6 +56,7 @@ def toggle_club(pid, v): @app.post("/publish/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def publish(pid, v): post = get_post(pid) @@ -419,6 +420,7 @@ def morecomments(v, cid): @app.post("/edit_post/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def edit_post(pid, v): p = get_post(pid) 
@@ -856,6 +858,7 @@ def api_is_repost(): @app.post("/submit") @app.post("/h//submit") @limiter.limit("1/second;2/minute;10/hour;50/day") +@limiter.limit("1/second;2/minute;10/hour;50/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def submit_post(v, sub=None): @@ -1395,6 +1398,7 @@ def submit_post(v, sub=None): @app.post("/delete_post/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def delete_post_pid(pid, v): @@ -1416,6 +1420,7 @@ def delete_post_pid(pid, v): @app.post("/undelete_post/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def undelete_post_pid(pid, v): post = get_post(pid) @@ -1471,6 +1476,7 @@ def toggle_post_nsfw(pid, v): @app.post("/save_post/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def save_post(pid, v): @@ -1487,6 +1493,7 @@ def save_post(pid, v): @app.post("/unsave_post/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def unsave_post(pid, v): @@ -1520,6 +1527,7 @@ def api_pin_post(post_id, v): @app.get("/submit/title") @limiter.limit("6/minute") +@limiter.limit("6/minute", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def get_post_title(v): diff --git a/files/routes/reporting.py b/files/routes/reporting.py index f4a1cbbc3b..889ebeef6a 100644 --- a/files/routes/reporting.py +++ b/files/routes/reporting.py 
@@ -7,6 +7,7 @@ from files.helpers.sanitize import filter_emojis_only @app.post("/report/post/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def api_flag_post(pid, v): @@ -58,6 +59,7 @@ def api_flag_post(pid, v): @app.post("/report/comment/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def api_flag_comment(cid, v): diff --git a/files/routes/settings.py b/files/routes/settings.py index 185533e8ba..ecc7d76dab 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -29,6 +29,7 @@ tiers={ @app.post("/settings/removebackground") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def removebackground(v): v.background = None @@ -38,6 +39,7 @@ def removebackground(v): @app.post("/settings/profile") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_profile_post(v): updated = False @@ -340,6 +342,7 @@ def changelogsub(v): @app.post("/settings/namecolor") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def namecolor(v): @@ -353,6 +356,7 @@ def namecolor(v): @app.post("/settings/themecolor") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def themecolor(v): 
@@ -366,6 +370,7 @@ def themecolor(v): @app.post("/settings/gumroad") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def gumroad(v): if not (v.email and v.is_activated): @@ -408,6 +413,7 @@ def gumroad(v): @app.post("/settings/titlecolor") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def titlecolor(v): @@ -421,6 +427,7 @@ def titlecolor(v): @app.post("/settings/verifiedcolor") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def verifiedcolor(v): verifiedcolor = str(request.values.get("verifiedcolor", "")).strip() @@ -433,6 +440,7 @@ def verifiedcolor(v): @app.post("/settings/security") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_security_post(v): if request.values.get("new_password"): @@ -516,6 +524,7 @@ def settings_security_post(v): @app.post("/settings/log_out_all_others") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_log_out_others(v): 
@@ -537,6 +546,7 @@ def settings_log_out_others(v): @app.post("/settings/images/profile") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_images_profile(v): if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 @@ -572,6 +582,7 @@ def settings_images_profile(v): @app.post("/settings/images/banner") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_images_banner(v): if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 @@ -607,6 +618,7 @@ def settings_css_get(v): @app.post("/settings/css") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_css(v): if v.agendaposter: return {"error": "Agendapostered users can't edit css!"} @@ -625,6 +637,7 @@ def settings_profilecss_get(v): @app.post("/settings/profilecss") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_profilecss(v): profilecss = request.values.get("profilecss").strip().replace('\\', '').strip()[:4000] @@ -635,6 +648,7 @@ def settings_profilecss(v): @app.post("/settings/block") @limiter.limit("1/second;10/day") +@limiter.limit("1/second;10/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_block_user(v): 
@@ -672,6 +686,7 @@ def settings_block_user(v): @app.post("/settings/unblock") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_unblock_user(v): @@ -701,6 +716,7 @@ def settings_apps(v): @app.post("/settings/remove_discord") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_remove_discord(v): @@ -721,6 +737,7 @@ def settings_content_get(v): @app.post("/settings/name_change") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def settings_name_change(v): @@ -765,6 +782,7 @@ def settings_name_change(v): @app.post("/settings/song_change") @limiter.limit("2/second;10/day") +@limiter.limit("2/second;10/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_song_change(v): song=request.values.get("song").strip() @@ -844,6 +862,7 @@ def settings_song_change(v): @app.post("/settings/title_change") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def settings_title_change(v): diff --git a/files/routes/static.py b/files/routes/static.py index 00d2d763a9..cd4e3b9c48 100644 --- a/files/routes/static.py +++ b/files/routes/static.py @@ -385,6 +385,7 @@ def contact(v): @app.post("/send_admin") @limiter.limit("1/second;2/minute;6/hour;10/day") +@limiter.limit("1/second;2/minute;6/hour;10/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def submit_contact(v): body = request.values.get("message") 
diff --git a/files/routes/subs.py b/files/routes/subs.py index 98a0e3dea2..c657aa17b0 100644 --- a/files/routes/subs.py +++ b/files/routes/subs.py @@ -158,6 +158,7 @@ def blockers(v, sub): @app.post("/h//add_mod") @limiter.limit("1/second;5/day") +@limiter.limit("1/second;5/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def add_mod(v, sub): sub = g.db.query(Sub).filter_by(name=sub.strip().lower()).one_or_none() @@ -306,6 +307,7 @@ def sub_settings(v, sub): @app.post('/h//sidebar') @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def post_sub_sidebar(v, sub): sub = g.db.query(Sub).filter_by(name=sub.strip().lower()).one_or_none() @@ -326,6 +328,7 @@ def post_sub_sidebar(v, sub): @app.post('/h//css') @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def post_sub_css(v, sub): sub = g.db.query(Sub).filter_by(name=sub.strip().lower()).one_or_none() @@ -352,6 +355,7 @@ def get_sub_css(sub): @app.post("/h//banner") @limiter.limit("1/second;10/day") +@limiter.limit("1/second;10/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def sub_banner(v, sub): if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 @@ -379,6 +383,7 @@ def sub_banner(v, sub): @app.post("/h//sidebar_image") @limiter.limit("1/second;10/day") +@limiter.limit("1/second;10/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def sub_sidebar(v, sub): if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 diff --git a/files/routes/users.py b/files/routes/users.py index 8e2d1336e8..aff504b719 100644 
--- a/files/routes/users.py +++ b/files/routes/users.py @@ -371,6 +371,7 @@ def downvoting(v, username): @app.post("/@/suicide") @limiter.limit("1/second;5/day") +@limiter.limit("1/second;5/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def suicide(v, username): user = get_user(username) @@ -389,6 +390,7 @@ def get_coins(v, username): @app.post("/@/transfer_coins") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def transfer_coins(v, username): receiver = g.db.query(User).filter_by(username=username).one_or_none() @@ -423,6 +425,7 @@ def transfer_coins(v, username): @app.post("/@/transfer_bux") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def transfer_bux(v, username): receiver = g.db.query(User).filter_by(username=username).one_or_none() @@ -567,6 +570,7 @@ def song(song): @app.post("/subscribe/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def subscribe(v, post_id): new_sub = Subscription(user_id=v.id, submission_id=post_id) @@ -576,6 +580,7 @@ def subscribe(v, post_id): @app.post("/unsubscribe/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def unsubscribe(v, post_id): sub=g.db.query(Subscription).filter_by(user_id=v.id, submission_id=post_id).one_or_none() 
@@ -591,6 +596,7 @@ def reportbugs(v): @app.post("/@/message") @limiter.limit("1/second;10/minute;20/hour;50/day") +@limiter.limit("1/second;10/minute;20/hour;50/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def message2(v, username): @@ -655,6 +661,7 @@ def message2(v, username): @app.post("/reply") @limiter.limit("1/second;6/minute;50/hour;200/day") +@limiter.limit("1/second;6/minute;50/hour;200/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def messagereply(v): @@ -1041,6 +1048,7 @@ def u_user_id_info(id, v=None): @app.post("/follow/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def follow_user(username, v): @@ -1065,6 +1073,7 @@ def follow_user(username, v): @app.post("/unfollow/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def unfollow_user(username, v): @@ -1092,6 +1101,7 @@ def unfollow_user(username, v): @app.post("/remove_follow/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @auth_required def remove_follow(username, v): target = get_user(username) diff --git a/files/routes/votes.py b/files/routes/votes.py index 44e351a635..84aee852d6 100644 --- a/files/routes/votes.py +++ b/files/routes/votes.py @@ -7,7 +7,6 @@ from files.__main__ import app, limiter, cache from os import environ @app.get("/votes") -@limiter.limit("5/second;60/minute;200/hour;1000/day") @auth_required def admin_vote_info_get(v): link = request.values.get("link") 
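Review bot: Dropping `@limiter.limit("5/second;60/minute;200/hour;1000/day")` from `admin_vote_info_get` leaves `GET /votes` with no route-level throttle, while every other route touched in this commit gains a second one. Whether an application-wide default limit still covers it is not visible here; if none does, any logged-in client can call this lookup without bound. Unless the removal is deliberate, restore `@limiter.limit("5/second;60/minute;200/hour;1000/day")` or replace it with the per-user form used on the other routes, and note the reason in the commit message either way. The function body continues outside the hunk.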
@@ -53,6 +52,7 @@ def admin_vote_info_get(v): @app.post("/vote/post//") @limiter.limit("5/second;60/minute;600/hour;1000/day") +@limiter.limit("5/second;60/minute;600/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def api_vote_post(post_id, new, v): @@ -116,6 +116,7 @@ def api_vote_post(post_id, new, v): @app.post("/vote/comment//") @limiter.limit("5/second;60/minute;600/hour;1000/day") +@limiter.limit("5/second;60/minute;600/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def api_vote_comment(comment_id, new, v): @@ -218,6 +219,7 @@ def api_vote_poll(comment_id, v): @app.post("/bet/") @limiter.limit("1/second;30/minute;200/hour;1000/day") +@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}') @is_not_permabanned def bet(comment_id, v): diff --git a/files/templates/badges.html b/files/templates/badges.html index aebeb87b4a..8ee3e03654 100644 --- a/files/templates/badges.html +++ b/files/templates/badges.html @@ -30,7 +30,7 @@ {{badge.name}} {{badge.description}} {%- set ct = counts[badge.id] if badge.id in counts else (0, 0) %} - {{ ct[0] }} + {{ ct[0] }} {{ "{:0.3f}".format(ct[1]) }}% {% endfor %} diff --git a/push.sh b/push.sh index e5639e0a74..edce13413b 100644 --- a/push.sh +++ b/push.sh @@ -1,5 +1,4 @@ git pull git add . git commit -m "sneed" -git push -. 'D:\1.sh' \ No newline at end of file +git push \ No newline at end of file diff --git a/pushforce.sh b/pushforce.sh index 0f80163666..1181e0ef20 100644 --- a/pushforce.sh +++ b/pushforce.sh @@ -1,4 +1,3 @@ git add . git commit -m "force push" -git push --force -. 'D:\1.sh' \ No newline at end of file +git push --force \ No newline at end of file