diff --git a/README.md b/README.md
index 11cbee7..62339d0 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,7 @@
-# bookstack-ppm
\ No newline at end of file
+# bookstack-ppm
+[![Build Status](https://cloud.drone.io/api/badges/JJTC-Docker/bookstack-ppm/status.svg)](https://cloud.drone.io/JJTC-Docker/bookstack-ppm)
+[![Docker Pulls](https://img.shields.io/docker/pulls/jjtc/bookstack-ppm.svg?style=flat)](https://hub.docker.com/r/jjtc/bookstack-ppm/)
+[![Github Stars](https://img.shields.io/github/stars/jjtc-docker/bookstack-ppm.svg?style=flat)](https://github.com/jjtc-docker/bookstack-ppm)
+[![Github Forks](https://img.shields.io/github/forks/jjtc-docker/bookstack-ppm.svg?style=flat?label=github%20forks)](https://github.com/jjtc-docker/bookstack-ppm)
+
+Bookstack setup based on Alpine, Nginx, PHP-PM, MariaDB, Redis & ClamAV for use with Træfik
\ No newline at end of file
diff --git a/app/Dockerfile b/app/Dockerfile
index c852a8d..4610725 100644
--- a/app/Dockerfile
+++ b/app/Dockerfile
@@ -1,21 +1,15 @@
 FROM alpine:edge
-LABEL maintainer JJTC "docker@jjtc.eu"
+LABEL maintainer="JJTC "
-ENV version=1.0.2 \
- http_version=1.0.2 \
+ENV PPM_VERSION=2.0.0 \
+ PPM_HTTP_VERSION=2.0.1 \
 BOOKSTACK=BookStack \
- BOOKSTACK_VERSION=0.22.0 \
+ BOOKSTACK_VERSION=0.26.1 \
 BOOKSTACK_HOME="/app"
 COPY docker-entrypoint.sh /app/docker-entrypoint.sh
-#COPY php.ini /usr/local/etc/php/conf.d/php.ini
-#COPY default.conf /etc/nginx/sites-enabled/default
-#COPY nginx.conf /etc/nginx/nginx.conf
-
-# Below the following PHP extensions are installed PCNTL, PDO_MYSQL, ZIP, GD, Tidy, XML, Redis, Memcached, msgpack, igbinary
-# PHP extensions such as DOM, OpenSSL, PDO, MBstring, Tokenizer are provided by the base image.
 RUN set -ex \
 && chmod +x /app/docker-entrypoint.sh \
 # ensure www-data user exists
@@ -48,6 +42,7 @@ RUN set -ex \
 php7-openssl \
 php7-pcntl \
 php7-pdo_mysql \
+ php7-pecl-imagick \
 php7-phar \
 php7-posix \
 php7-redis \
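Review bot: `PPM_VERSION` and `PPM_HTTP_VERSION` in the new ENV block are only consumed by the `composer require` in the later RUN step (hunk `@@ -65,7 +60,7 @@`), yet ENV persists them into the environment of every container started from the image; `ARG PPM_VERSION=2.0.0` and `ARG PPM_HTTP_VERSION=2.0.1` would scope them to the build, while `BOOKSTACK_VERSION` and `BOOKSTACK_HOME` can stay ENV if the entrypoint reads them. The new `LABEL maintainer="JJTC "` as rendered here ends in a trailing space with no contact address; if that is a rendering loss rather than the committed text, nothing to do, otherwise the value should be completed. The removed comment was the only documentation of why the long apk list in the RUN step is there; a one-line `# PHP extensions required by BookStack (the base image already ships DOM, OpenSSL, PDO, MBstring, Tokenizer)` above the list would keep that, if the second half still holds for the current base image. The RUN step itself continues outside this hunk.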
@@ -65,7 +60,7 @@ RUN set -ex \
 && mkdir -p /ppm/run \
 && cd /ppm \
 && chmod -R 777 run/ \
- && composer require php-pm/php-pm:${version} php-pm/httpkernel-adapter:${http_version} \
+ && composer require php-pm/php-pm:${PPM_VERSION} php-pm/httpkernel-adapter:${PPM_HTTP_VERSION} \
 && echo "Get BookStack:" \
 && mkdir -p ${BOOKSTACK_HOME} \
 && cd ${BOOKSTACK_HOME} \
@@ -76,7 +71,9 @@ RUN set -ex \
 && echo "Get Dependencies:" \
 && composer install \
 && echo "Changing ownership:" \
- && chown -R www-data:www-data .
+ && chown -R www-data:www-data . \
+ && echo "Ensure Nginx got access to tmp folder:" \
+ && chown www-data:root -R /var/tmp/nginx/
 WORKDIR $BOOKSTACK_HOME
diff --git a/app/default.conf b/app/default.conf
index e01d8f3..5569342 100644
--- a/app/default.conf
+++ b/app/default.conf
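Review bot: The new `chown www-data:root -R /var/tmp/nginx/` in hunk `@@ -76,7 +71,9 @@` puts `-R` after the owner, unlike the `chown -R www-data:www-data .` two lines above it; writing it `&& chown -R www-data:root /var/tmp/nginx/` keeps the two consistent and does not rely on the busybox chown permuting options. The step also assumes `/var/tmp/nginx/` already exists at that point; under `set -ex` a missing directory aborts the build, so a preceding `&& mkdir -p /var/tmp/nginx` would make the step independent of what the nginx package creates. The enclosing RUN chain starts outside the hunk.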
@@ -11,12 +11,18 @@ server {
 add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self'; connect-src 'self'; font-src 'self'; form-action 'self'; report-uri https://.report-uri.com/r/d/csp/enforce;" always;
 add_header Expect-CT "enforce; max-age=604800; report-uri=https://.report-uri.com/r/d/ct/enforce";
+ add_header Feature-Policy "accelerometer 'none'; ambient-light-sensor 'none'; encrypted-media 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; sync-xhr 'none'; usb 'none'; vr 'none'";
 add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always;
 add_header Referrer-Policy "strict-origin";
 add_header X-Xss-Protection "1; mode=block; report=https://.report-uri.com/r/d/xss/enforce" always;
- add_header X-Frame-Options "DENY";
+ add_header X-Frame-Options "DENY" always;
 add_header X-Content-Type-Options nosniff;
+ # Firefox CSP bug workaround - https://bugzilla.mozilla.org/show_bug.cgi?id=1262842
+ location ~ \.svg$ {
+ add_header Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'";
+ }
+
 location / {
 try_files $uri @ppm;
 }
diff --git a/app/nginx.conf b/app/nginx.conf
index 1df4ad1..2d59d19 100644
--- a/app/nginx.conf
+++ b/app/nginx.conf
@@ -24,8 +24,6 @@ http {
 include /etc/nginx/mime.types;
 default_type application/octet-stream;
- resolver 1.1.1.1 8.8.8.8 8.4.4.4;
-
 ##
 # Logging Settings
 ##
diff --git a/docker-compose.yml b/docker-compose.yml
index dd1e7a1..b2114fd 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,7 +1,7 @@
-version: '3.6'
+version: '3.5'
 services:
 db:
- image: mariadb:10.2
+ image: mariadb:10.3
 restart: unless-stopped
 environment:
 - TZ=${TZ}
@@ -15,7 +15,7 @@ services:
 - backend
 cache:
- image: redis:4-alpine
+ image: redis:5-alpine
 restart: unless-stopped
 environment:
 - TZ=${TZ}
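Review bot: The new `location ~ \.svg$` block in the default.conf hunk drops every server-level security header for SVG responses, because nginx inherits `add_header` directives from the enclosing level only when the current level declares none; the single Content-Security-Policy header inside it replaces Strict-Transport-Security, X-Frame-Options, X-Content-Type-Options and the others for those files. Either repeat the headers that must hold for SVGs inside the block, or move the shared `add_header` lines into a snippet that both the server level and this location `include`, so the SVG-specific CSP is the only difference. The new Feature-Policy header also lacks `always`, unlike the X-Frame-Options line this commit changes, so it is omitted on 4xx/5xx responses; append `always;` to it as done for the other enforced headers. Since a regex location wins over the `location /` prefix, SVG requests also never reach `try_files $uri @ppm;`, so an SVG not present on disk returns nginx's own 404 rather than being handled by the application, which may or may not be intended.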
@@ -27,7 +27,7 @@ services:
 - "traefik.enable=false"
 app:
-# image: jjtc/bookstack-ppm:0.22-r0
+ image: jjtc/bookstack-ppm:0.26.1-r0
 build: ./app/
 restart: unless-stopped
 depends_on:
@@ -38,8 +38,8 @@ services:
 - ./app/php.ini:/usr/local/etc/php/conf.d/php.ini
 - ./app/nginx.conf:/etc/nginx/nginx.conf:ro
 - ./app/default.conf:/etc/nginx/sites-enabled/default:ro
- - uploads:/var/www/html/public/uploads:rw
- - storage:/var/www/html/public/storage:rw
+ - uploads:/app/public/uploads:rw
+ - storage:/app/public/storage:rw
 expose:
 - "80/tcp"
 networks:
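Review bot: The new `image: jjtc/bookstack-ppm:0.26.1-r0` duplicates the `BOOKSTACK_VERSION=0.26.1` pin in app/Dockerfile, so the two have to be bumped together by hand and will drift silently if one is forgotten; a comment above it, `# tag mirrors BOOKSTACK_VERSION in app/Dockerfile - bump both together`, would at least record that. Because `build: ./app/` is kept alongside `image:`, compose uses a locally present image of that tag and only builds when it is absent or `--build` is given, which is worth a sentence in the README if the published image and the local build are expected to differ. The mount paths changed in hunk `@@ -38,8 +38,8 @@` now match `BOOKSTACK_HOME="/app"` from the Dockerfile, which is presumably the reason for the change.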