diff --git a/README.md b/README.md index 46911bfa7b..7f9acaf4e2 100644 --- a/README.md +++ b/README.md @@ -58,19 +58,26 @@ Obtain all of the dependencies required by NodeBB: Initiate the setup script by running the app with the `--setup` flag: - $ node app --setup + $ ./nodebb setup The default settings are for a local server running on the default port, with a redis store on the same machine/port. Lastly, we run the forum. - $ node app + $ ./nodebb start NodeBB can also be started with helper programs, such as `supervisor` and `forever`. [Take a look at the options here](https://github.com/designcreateplay/NodeBB/wiki/How-to-run-NodeBB). -*(Optional)* Some server configurations may install the node binary as `nodejs` instead of `node`. You can re-map it (so as to not break compatibility with `node-supervisor`) by running the following command: +## Securing NodeBB - # update-alternatives --install /usr/bin/node node /usr/bin/nodejs 10 +It is important to ensure that your NodeBB and database servers are secured. Bear these points in mind: + +1. While some distributions set up Redis with a more restrictive configuration, Redis by default listens to all interfaces, which is especially dangerous when a server is open to the public. Some suggestions: + * Set `bind_address` to `127.0.0.1` so as to restrict access to the local machine only + * Use `requirepass` to secure Redis behind a password (preferably a long one) + * Familiarise yourself with [Redis Security](http://redis.io/topics/security) +2. Use `iptables` to secure your server from unintended open ports. In Ubuntu, `ufw` provides a friendlier interface to working with `iptables`. + * e.g. If your NodeBB is proxied, no ports should be open except 80 (and possibly 22, for SSH access) ## Upgrading NodeBB diff --git a/nodebb b/nodebb index b154416cf7..25bb31f1c5 100755 --- a/nodebb +++ b/nodebb 
@@ -14,9 +14,14 @@ case "$1" in ls -d node_modules/nodebb* | xargs -n1 basename | xargs npm install ls -d node_modules/nodebb* | xargs -n1 basename | xargs npm update node app --upgrade + touch package.json echo -e "\n\e[00;32mNodeBB Dependencies up-to-date!\e[00;00m"; ;; + setup) + node app --setup + ;; + dev) echo "Launching NodeBB in \"development\" mode." echo "To run the production build of NodeBB, please use \"forever\"." diff --git a/src/install.js b/src/install.js index ac203afed9..6e4c4ae876 100644 --- a/src/install.js +++ b/src/install.js @@ -121,6 +121,10 @@ var async = require('async'), password: databaseConfig['redis:password'], database: databaseConfig['redis:database'] }; + + if (config.redis.host.slice(0, 1) === '/') { + delete config.redis.port; + } } else if (config.database === 'mongo') { config.mongo = { host: databaseConfig['mongo:host'], diff --git a/src/posts.js b/src/posts.js index a7c0b35a8e..e010ca264f 100644 --- a/src/posts.js +++ b/src/posts.js @@ -93,8 +93,13 @@ var db = require('./database'), ], callback); }; - Posts.getPostsByTid = function(tid, start, end, callback) { - db.getSortedSetRange('tid:' + tid + ':posts', start, end, function(err, pids) { + Posts.getPostsByTid = function(tid, start, end, reverse, callback) { + if (typeof reverse === 'function') { + callback = reverse; + reverse = false; + } + + db[reverse ? 'getSortedSetRevRange' : 'getSortedSetRange']('tid:' + tid + ':posts', start, end, function(err, pids) { if(err) { return callback(err); } diff --git a/src/routes/user.js b/src/routes/user.js index 7f75266944..6b2d70ecec 100644 --- a/src/routes/user.js +++ b/src/routes/user.js 
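Review bot: In src/install.js the new `config.redis.host.slice(0, 1)` call throws a TypeError when the host value is missing or not a string, which would abort setup instead of reporting a bad answer. The line that assigns `host` is above the hunk, so whether it can be undefined is not visible here; a guard such as `if (typeof config.redis.host === 'string' && config.redis.host.charAt(0) === '/') {` avoids relying on it. A short comment would also help, e.g. `// a host starting with '/' is treated as a socket path, so no port applies` (inferred from the check; confirm). The enclosing function starts and ends outside the hunk.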
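Review bot: The optional `reverse` argument of `Posts.getPostsByTid` in src/posts.js is undocumented, and the argument shuffle at the top of the function is the only hint that the four-argument call is still accepted. I would add above the function `// reverse (optional, default false): when truthy, read the range with getSortedSetRevRange; callback may be passed in its place`. The same shuffle is added to `Topics.getTopicPosts` in src/topics.js and wants the same comment. Both function bodies continue past their hunks.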
@@ -411,6 +411,15 @@ var fs = require('fs'), }); }); + + app.get('/api/user/uid/:uid', function(req, res, next) { + var uid = req.params.uid ? req.params.uid : 0; + + user.getUserData(uid, function(err, userData) { + res.json(userData); + }); + }); + app.get('/api/user/:userslug', function (req, res, next) { var callerUID = req.user ? req.user.uid : '0'; diff --git a/src/topics.js b/src/topics.js index ebea340719..07fb5b14c4 100644 --- a/src/topics.js +++ b/src/topics.js @@ -306,8 +306,13 @@ var async = require('async'), }); }; - Topics.getTopicPosts = function(tid, start, end, current_user, callback) { - posts.getPostsByTid(tid, start, end, function(err, postData) { + Topics.getTopicPosts = function(tid, start, end, current_user, reverse, callback) { + if (typeof reverse === 'function') { + callback = reverse; + reverse = false; + } + + posts.getPostsByTid(tid, start, end, reverse, function(err, postData) { if(err) { return callback(err); } diff --git a/src/webserver.js b/src/webserver.js index 655e5abaa1..92a13adf1a 100644 --- a/src/webserver.js +++ b/src/webserver.js @@ -178,7 +178,9 @@ module.exports.server = server; meta.config['cache-buster'] = stdOut.trim(); // winston.info('[init] Cache buster value set to: ' + stdOut); } else { - winston.warn('[init] Cache buster not set'); + fs.stat(path.join(__dirname, '../package.json'), function(err, stats) { + meta.config['cache-buster'] = new Date(stats.mtime).getTime(); + }); } }); }
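Review bot: The new `/api/user/uid/:uid` route in src/routes/user.js sends whatever `user.getUserData` returns straight to `res.json`, with no check on who is asking and no field filtering. What `getUserData` returns is not visible in this hunk; if it is the full stored user record, fields such as the e-mail address or credential material would be readable by any unauthenticated client, and predictable uids would make the records easy to enumerate. The callback also ignores `err`, so a database failure produces an empty or undefined JSON body rather than an error response. I would pass errors to `next` and return only an explicit allow-list of public fields, as sketched below (the field list is illustrative and is a project decision).

```javascript
app.get('/api/user/uid/:uid', function(req, res, next) {
	var uid = req.params.uid ? req.params.uid : 0;

	user.getUserData(uid, function(err, userData) {
		if (err) {
			return next(err);
		}
		if (!userData) {
			return next();
		}

		// Illustrative allow-list: publish only fields that are meant to be public.
		var publicFields = ['uid', 'username', 'userslug', 'picture'];
		var publicData = {};
		publicFields.forEach(function(field) {
			publicData[field] = userData[field];
		});

		res.json(publicData);
	});
});
```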
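Review bot: In src/webserver.js the `fs.stat` callback dereferences `stats.mtime` without checking `err`, so if package.json cannot be stat'ed the callback throws on an undefined `stats`, and because it runs asynchronously the surrounding code is unlikely to catch it. The removed warning makes a reasonable fallback: `if (err) { return winston.warn('[init] Cache buster not set'); }` as the first line of the callback. `stats.mtime` is already a Date, so `stats.mtime.getTime()` is enough. Whether `fs` and `path` are required in this file is not visible in the hunk.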