diff --git a/conf/defaults.local.example.inc b/conf/defaults.local.example.inc index 710453c5..78f36a4f 100755 --- a/conf/defaults.local.example.inc +++ b/conf/defaults.local.example.inc @@ -8,17 +8,19 @@ NM_NODEMANAGER=192.168.1.5 # NM_VC_USER='administrator@vsphere.local' # NM_VC_PASS='supersecret' -# DEFINE DYNMAIC DNS LOGIN INFO FOR POWER-DNS SERVERS FOR UPDATING RECORDS +# DEFINE DYNAMIC DNS LOGIN INFO FOR POWER-DNS SERVERS FOR UPDATING RECORDS #----------------------------------------------------------------------------------------------------------------------------------------- -# NM_DYNHOST="wdns.scity.us" # IF NOT DEFINED, USES SCITY DEFAULT PDNS SERVERS (wdns.scity.us) -NM_DYNUSER="" -NM_DYNPASS="" -NM_WPDNS_KEY="" - -NM_DYNDNS_LOC['mainsite']='comma seperated list of DNS A records to update' -NM_DYNDNS_LOC['offsite']='comma seperated list of DNS A records to update for other site' - +NM_PDNS_HOST="" # IF NOT DEFINED, USES SCITY DEFAULT PDNS SERVERS (wdns.scity.us) +NM_PDNS_USER="" +NM_PDNS_PASS="" +NM_PDNS_APIKEY="" +NM_DYNDNS_SITES['mainsite']='comma seperated list of DNS A records to update' +NM_DYNDNS_SITES['offsite']='comma seperated list of DNS A records to update for other site' +# DEFINE PATHS FOR NEW CERTS AND NEW SITES (except proxy sites which default to nginx) +#----------------------------------------------------------------------------------------------------------------------------------------- +NM_CERTPATHS['LB']='/etc/letsencrypt' +NM_WWWPATHS['WEB']='/var/www' # DEFIINE NODE TYPES OF THEIR ASSOCIATES HOSTS TO MONITOR (comma seperated) #----------------------------------------------------------------------------------------------------------------------------------------- diff --git a/defaults.inc b/defaults.inc index 8aef5a53..4b0275ce 100755 --- a/defaults.inc +++ b/defaults.inc 
@@ -1,5 +1,5 @@ #!/usr/bin/env bash -VERS='4.15.13-11232023' +VERS='4.15.14-11232023' noheader=' service status-check nightlyrephp7.3-fpm,new backup report check checkcerts gitea update-nodes copynpmcerts singleservercheck update-dyndns backup-offsitepfsense gui nightlyreview update log ' CERT_DAEMON='/snap/bin/certbot' @@ -26,7 +26,7 @@ if [ -f ${NM_FOLDER}/conf/defaults.local.inc ]; then declare -A NM_SINGLESRVR_IP declare -A NM_CERTPATHS declare -A NM_WWWPATHS - declare -A NM_DYNDNS_LOC + declare -A NM_DYNDNS_SITES source ${NM_FOLDER}/conf/defaults.local.inc @@ -111,8 +111,8 @@ NM_LOGFILE=${NM_LOGFOLDER}/logfile [ "${NM_RENOTIFY_TIMEOUT}" == "" ] && NM_RENOTIFY_TIMEOUT=3600 -NM_WANDNS='wdns.scity.us' -NM_LANDNS='ldns.scity.us' +NM_PDNS_WANDNS='wdns.scity.us' +NM_PDNS_LANDNS='ldns.scity.us' TSI=$(/sbin/ip link | grep tailscale0) && [ ${#TSI} != 0 ] && RUN_NODE_TSIP=$(/sbin/ip -o -4 addr list tailscale0 | awk '{print $4}' | cut -d/ -f1) || RUN_NODE_TSIP= [ "$(ip route | awk '/default/ { print $5 }')" == "link" ] && RNIP=$(ip addr show $(ip route | awk '/1 dev eth0/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1) || diff --git a/inc/certs.inc b/inc/certs.inc index 38f7a8e7..20d9ae3b 100755 --- a/inc/certs.inc +++ b/inc/certs.inc @@ -625,7 +625,7 @@ VCENTER-SSL(){ [ "${NM_VC_ACMEFOLDER}" == "" ] && NM_VC_ACMEFOLDER="/root/.acme.sh" [ "${NM_VC_ACMESCRIPT}" == "" ] && NM_VC_ACMESCRIPT="acme.sh" - if [ "${NM_VC_HOSTNAME}" != "" ] && [ "${NM_VC_USER}" != "" ] && [ "${NM_VC_PASS}" != "" ] && [ "${NM_WPDNS_KEY}" != "" ]; then + if [ "${NM_VC_HOSTNAME}" != "" ] && [ "${NM_VC_USER}" != "" ] && [ "${NM_VC_PASS}" != "" ] && [ "${NM_PDNS_APIKEY}" != "" ]; then VCSERVER="https://${NM_VC_HOSTNAME}" VC_CERT="${NM_VC_ACMEFOLDER}/${NM_VC_HOSTNAME}/${NM_VC_HOSTNAME}.cer" 
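Review bot: Renaming the array to `declare -A NM_DYNDNS_SITES` with no fallback means an existing `conf/defaults.local.inc` that still sets `NM_DYNDNS_LOC[...]`, `NM_DYNUSER`, `NM_DYNPASS` or `NM_WPDNS_KEY` is sourced without error but its values are no longer read. On such an install update-dyndns would presumably stop at the "Missing DYNDNS" message, and the `NM_PDNS_APIKEY` guard in VCENTER-SSL would fail, which may let the vCenter certificate renewal lapse unnoticed. Consider mapping the old names after the `source` line, e.g. `[ "${NM_PDNS_APIKEY}" == "" ] && NM_PDNS_APIKEY="${NM_WPDNS_KEY}"`, or printing a deprecation warning when an old variable is set. The `if [ -f ... ]` block continues past the end of this hunk.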
@@ -652,7 +652,7 @@ VCENTER-SSL(){ echo '#!/usr/bin/env bash' >| /tmp/vcenter-update-ssl.sh echo "export PDNS_Url='https://wdns.scity.us' -export PDNS_Token='${NM_WPDNS_KEY}' +export PDNS_Token='${NM_PDNS_APIKEY}' # export PDNS_ServerId='localhost' export PDNS_ServerId='scity.us' export PDNS_Ttl=60 diff --git a/nodemgmt-scripts.sh b/nodemgmt-scripts.sh index 225f7db2..80e352c8 100755 --- a/nodemgmt-scripts.sh +++ b/nodemgmt-scripts.sh @@ -408,10 +408,11 @@ ADD_LOGROTATE_CRONTAB(){ } UPDATE_DYNDNS(){ - [ "${NM_DYNHOST}" != "" ] && PDNS_SERVER=${NM_DYNHOST} || PDNS_SERVER=${NM_WANDNS} + [ "${NM_PDNS_HOST}" != "" ] && PDNS_SERVER=${NM_PDNS_HOST} || PDNS_SERVER=${NM_PDNS_WANDNS} TESTMODE=0; FORCE=0; while [ $# -gt 0 ]; do case "${1}" in + -s|-site) FORCE=1;; -f|-force) FORCE=1;; -t|-test) TESTMODE=1;; -h | -help | --help) @@ -419,6 +420,7 @@ UPDATE_DYNDNS(){ echo -e "Usage: ${idsCL[LightYellow]}[nodemgmt or nmg] update-dyndns ${idsCL[Yellow]}{location}${idsCL[Default]} {" width=35 printf "%-${width}s- %s\n" " {location}" "(site location name to update for)" + printf "%-${width}s- %s\n" " -s|-site" "(configured site to run for [NM_DYNDNS_SITES variable])" printf "%-${width}s- %s\n" " -f|-force" "(will force a record update without IP changing)" printf "%-${width}s- %s\n" " -t|-test" "(tests but does not update records)" echo "}" @@ -427,9 +429,9 @@ UPDATE_DYNDNS(){ esac shift done - if [ "${NM_DYNDNS_LOC[${LOCATION,,}]}" != "" ]; then + if [ "${NM_DYNDNS_SITES[${LOCATION,,}]}" != "" ]; then arr DYNDNS_HOSTS - IFS=,; hosts=(${NM_DYNDNS_LOC[${LOCATION,,}]}); unset IFS + IFS=,; hosts=(${NM_DYNDNS_SITES[${LOCATION,,}]}); unset IFS for host in "${hosts[@]}"; do arr_insert DYNDNS_HOSTS ${host} done 
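Review bot: The renamed line `export PDNS_Token='${NM_PDNS_APIKEY}'` still writes the PowerDNS API key into `/tmp/vcenter-update-ssl.sh`, a fixed name in a world-writable directory that the context line opens with `>|`. Another local user can pre-create or symlink that path, and the file's mode follows the umask, so the key may be readable by others. Create the script with `VC_SCRIPT=$(umask 077; mktemp /tmp/vcenter-update-ssl.XXXXXX)` and remove it once it has run. The echo block continues beyond the hunk, so any later chmod or cleanup is not visible here.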
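Review bot: The new arm `-s|-site) FORCE=1;;` in the UPDATE_DYNDNS option loop sets FORCE exactly as `-f|-force` does, so `-s` forces an update and never selects a site. The help line added in the next hunk describes it as "(configured site to run for [NM_DYNDNS_SITES variable])", so the two disagree. If the option is meant to take a site name, it should consume its argument, e.g. `-s|-site) shift; LOCATION="${1}";;`, with a check that a value follows. The assignment of LOCATION is outside this hunk, so confirm how it is set today before changing the arm.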
@@ -452,22 +454,24 @@ UPDATE_DYNDNS(){ SENDNOTICE "${LOCATION^^} WAN IP Changed" "Updated '${LOCATION^}' WAN IP from '${OLDIP}' to '${NEWIP}'" echo -en "${idsCL[Green]}'${idsCL[LightCyan]}${LOCATION^^}${idsCL[Green]}' WAN IP has changed, updating all pre-defined 'A' records ... " fi - if [ "${NM_DYNUSER}" != "" ] && [ "${NM_DYNPASS}" != "" ]; then - if [ "$(curl -m 3 -sL "https://${NM_DYNUSER}df:${NM_DYNPASS}@${PDNS_SERVER}/domain/${domain}" | grep "HTTP 403 Error")" == "" ]; then + if [ "${NM_PDNS_USER}" != "" ] && [ "${NM_PDNS_PASS}" != "" ]; then + if [ "$(curl -m 3 -sL "https://${NM_PDNS_USER}df:${NM_PDNS_PASS}@${PDNS_SERVER}/domain/${domain}" | grep "HTTP 403 Error")" == "" ]; then for host in ${DYNDNS_HOSTS[@]}; do - /usr/bin/curl -s "https://${NM_DYNUSER}:${NM_DYNPASS}@${PDNS_SERVER}/nic/update?hostname=${host}&myip=${NEWIP}" > /dev/null 2>&1 + /usr/bin/curl -s "https://${NM_PDNS_USER}:${NM_PDNS_PASS}@${PDNS_SERVER}/nic/update?hostname=${host}&myip=${NEWIP}" > /dev/null 2>&1 done - [ "${LOCATION,,}" == "mainsite" ] && /usr/bin/curl -s "https://${NM_DYNUSER}:${NM_DYNPASS}@${NM_LANDNS}/nic/update?hostname=sc1.scity.us&myip=${NEWIP}" > /dev/null 2>&1 - [ "${LOCATION,,}" == "offsite" ] && /usr/bin/curl -s "https://${NM_DYNUSER}:${NM_DYNPASS}@${NM_LANDNS}/nic/update?hostname=wan.offsite.scity.us&myip=${NEWIP}" > /dev/null 2>&1 + if [ "${NM_PDNS_USER}" == "systems" ]; then + [ "${LOCATION,,}" == "mainsite" ] && /usr/bin/curl -s "https://${NM_PDNS_USER}:${NM_PDNS_PASS}@${NM_PDNS_LANDNS}/nic/update?hostname=sc1.scity.us&myip=${NEWIP}" > /dev/null 2>&1 + [ "${LOCATION,,}" == "offsite" ] && /usr/bin/curl -s "https://${NM_PDNS_USER}:${NM_PDNS_PASS}@${NM_PDNS_LANDNS}/nic/update?hostname=wan.offsite.scity.us&myip=${NEWIP}" > /dev/null 2>&1 + fi echo -e "${idsCL[Green]}Done${idsCL[Default]}" else - echo -e "\n\n${idsCL[LightRed]}INVALID DYNDNS username and/or password (NM_DYNUSER=${NM_DYNUSER}) (NM_DYNPASS=${NM_DYNPASS})\n" - # SENDNOTICE "${LOCATION^^} DYNDNS ERROR" 
"INVALID DYNDNS username or password (NM_DYNUSER=${NM_DYNUSER}) (NM_DYNPASS=${NM_DYNPASS})" 1 + echo -e "\n\n${idsCL[LightRed]}INVALID DYNDNS username and/or password (NM_PDNS_USER=${NM_PDNS_USER}) (NM_PDNS_PASS=${NM_PDNS_PASS})\n" + # SENDNOTICE "${LOCATION^^} DYNDNS ERROR" "INVALID DYNDNS username or password (NM_PDNS_USER=${NM_PDNS_USER}) (NM_PDNS_PASS=${NM_PDNS_PASS})" 1 exit 1 fi else - echo -e "\n\n${idsCL[LightYellow]}Missing DYNDNS username and/or password (NM_DYNUSER=${NM_DYNUSER}) (NM_DYNPASS=${NM_DYNPASS})\n" - # SENDNOTICE "${LOCATION^^} DYNDNS ERROR" "MISSING DYNDNS username or password (NM_DYNUSER=${NM_DYNUSER}) (NM_DYNPASS=${NM_DYNPASS})" 1 + echo -e "\n\n${idsCL[LightYellow]}Missing DYNDNS username and/or password (NM_PDNS_USER=${NM_PDNS_USER}) (NM_PDNS_PASS=${NM_PDNS_PASS})\n" + # SENDNOTICE "${LOCATION^^} DYNDNS ERROR" "MISSING DYNDNS username or password (NM_PDNS_USER=${NM_PDNS_USER}) (NM_PDNS_PASS=${NM_PDNS_PASS})" 1 exit 1 fi @@ -485,7 +489,7 @@ UPDATE_DYNDNS(){ fi if [ ${TESTMODE} -eq 1 ]; then echo -en "\nDYNDNS Credential Test: " - if [ "$(curl -m 3 -sL "https://${NM_DYNUSER}df:${NM_DYNPASS}@${PDNS_SERVER}/domain/${domain}" | grep "HTTP 403 Error")" == "" ]; then + if [ "$(curl -m 3 -sL "https://${NM_PDNS_USER}df:${NM_PDNS_PASS}@${PDNS_SERVER}/domain/${domain}" | grep "HTTP 403 Error")" == "" ]; then echo -e "${idsCL[Green]}Pass${idsCL[Default]}" else echo -e "${idsCL[LightRed]}Fail${idsCL[Default]}"
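Review bot: Both failure branches still print the DynDNS password in clear text, now as `(NM_PDNS_PASS=${NM_PDNS_PASS})`, so the secret reaches the terminal and any cron mail or log that captures this output. The commented-out SENDNOTICE lines would also put it in a notification if re-enabled. Report only the username, e.g. `echo -e "\n\n${idsCL[LightRed]}INVALID DYNDNS username and/or password (NM_PDNS_USER=${NM_PDNS_USER})\n"`, and do the same in the "Missing" branch. The update calls also place `user:pass@` in the URL, which can expose the credentials in the process list while curl runs; curl's `--netrc-file` or a `-K` config file readable only by its owner keeps them off the command line. UPDATE_DYNDNS begins and ends outside this hunk.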
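Review bot: The credential test reports Pass whenever the response lacks the string "HTTP 403 Error", so a timeout (`-m 3`), DNS failure or TLS error, where `curl -s` prints nothing, looks the same as accepted credentials. It also sends `${NM_PDNS_USER}df` rather than the configured username; if the `df` suffix is not deliberate, the test never exercises the real account, and the same expression guards the update loop in the previous hunk. Checking the status code is more reliable, for example `code=$(curl -m 3 -s -o /dev/null -w '%{http_code}' ...)` followed by `[ "${code}" == "200" ]`, assuming the endpoint answers 200 for valid credentials. The enclosing function ends outside the hunk.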