diff --git a/README.md b/README.md index 4d9fea5..6a6c3d9 100644 --- a/README.md +++ b/README.md @@ -45,9 +45,13 @@ It comes with a lot of integrated features, such as: - Custom Headers - Backend Errors interceptor - Support TLS +- Block common exploits middleware + - Patterns to detect SQL injection attempts + - Pattern to detect simple XSS attempts - Authentication middleware - JWT `client authorization based on the result of a request` - Basic-Auth + - OAuth - Rate limiting - In-Memory Token Bucket based - In-Memory client IP based @@ -56,8 +60,6 @@ It comes with a lot of integrated features, such as: - [ ] Distributed Rate Limiting for In-Memory client IP based across multiple instances using Redis - [ ] Blocklist IP address middleware - - [x] Block common exploits middleware - - [x] OAuth authentication middleware ---- @@ -72,25 +74,25 @@ The default configuration is automatically generated if any configuration file i ```shell docker run --rm --name goma-gateway \ - -v "${PWD}/config:/config" \ - jkaninda/goma-gateway config init --output /config/goma.yml + -v "${PWD}/config:/etc/goma/" \ + jkaninda/goma-gateway config init --output /etc/goma/goma.yml ``` ### 2. Run server ```shell docker run --rm --name goma-gateway \ - -v "${PWD}/config:/config" \ - -p 80:80 \ + -v "${PWD}/config:/etc/goma/" \ + -p 8080:8080 \ jkaninda/goma-gateway server ``` ### 3. Start server with a custom config ```shell docker run --rm --name goma-gateway \ - -v "${PWD}/config:/config" \ - -p 80:80 \ - -p 443:443 \ - jkaninda/goma-gateway server --config /config/config.yml + -v "${PWD}/config:/etc/goma/" \ + -p 8080:8080 \ + -p 8443:8443 \ + jkaninda/goma-gateway server --config /etc/goma/config.yml ``` ### 4. Healthcheck @@ -111,9 +113,9 @@ services: start_period: 20s timeout: 10s ports: - - "80:80" + - "8080:8080" volumes: - - ./config:/config/ + - ./config:/etc/goma/ ``` Create a config file in this format 
@@ -145,6 +147,7 @@ gateway: disableDisplayRouteOnStart: false # disableKeepAlive allows enabling and disabling KeepALive server disableKeepAlive: false + blockCommonExploits: false # interceptErrors intercepts backend errors based on defined the status codes interceptErrors: - 405 diff --git a/docs/index.md b/docs/index.md index 59b11aa..8e86777 100644 --- a/docs/index.md +++ b/docs/index.md @@ -20,12 +20,17 @@ It comes with a lot of integrated features, such as: - Cross-Origin Resource Sharing (CORS) - Custom Headers - Backend Errors interceptor +- Support TLS +- Block common exploits middleware + - Patterns to detect SQL injection attempts + - Pattern to detect simple XSS attempts - Authentication middleware - - JWT `client authorization based on the result of a request` - - Basic-Auth + - JWT `client authorization based on the result of a request` + - Basic-Auth + - OAuth - Rate limiting - - In-Memory Token Bucket based - - In-Memory client IP based + - In-Memory Token Bucket based + - In-Memory client IP based Declare your routes and middlewares as code. diff --git a/docs/middleware.md b/docs/middleware.md index 0d16cc1..0488e25 100644 --- a/docs/middleware.md +++ b/docs/middleware.md @@ -18,6 +18,7 @@ Goma Gateway supports : - Authentication middleware - JWT `client authorization based on the result of a request` - Basic-Auth + - OAuth - Rate limiting middleware - In-Memory client IP based - Access middleware 
@@ -133,6 +134,60 @@ middlewares: params: userCountryId: countryId ``` +### OAuth middleware + +Example of Google provider + +```yaml + - name: google-oauth + type: oauth + paths: + - /* + rule: + clientId: xxx + clientSecret: xxxx + # oauth provider google, gitlab, github, amazon, facebook, custom + provider: google # facebook, gitlab, github, amazon + redirectUrl: https://example.com/callback/protected + #RedirectPath is the PATH to redirect users after authentication, e.g: /my-protected-path/dashboard + redirectPath: /dashboard + scopes: + - https://www.googleapis.com/auth/userinfo.email + - https://www.googleapis.com/auth/userinfo.profile + state: randomStateString + jwtSecret: your-strong-jwt-secret | It's optional + +``` + +Example of Authentik provider + +```yaml + - name: oauth-authentik + type: oauth + paths: + - /protected + - /example-of-oauth + rule: + clientId: xxx + clientSecret: xxx + # oauth provider google, gitlab, github, amazon, facebook, custom + provider: custom + endpoint: + authUrl: https://authentik.example.com/application/o/authorize/ + tokenUrl: https://authentik.example.com/application/o/token/ + userInfoUrl: https://authentik.example.com/application/o/userinfo/ + redirectUrl: https://example.com/callback + #RedirectPath is the PATH to redirect users after authentication, e.g: /my-protected-path/dashboard + redirectPath: '' + #CookiePath e.g.: /my-protected-path or / || by default is applied on a route path + cookiePath: "/" + scopes: + - email + - openid + state: randomStateString + jwtSecret: your-strong-jwt-secret | It's optional + +``` ### Access middleware Access middleware prevents access to a route or specific route path. diff --git a/docs/quickstart.md b/docs/quickstart.md index 32993d6..d18517a 100644 --- a/docs/quickstart.md +++ b/docs/quickstart.md 
@@ -11,19 +11,19 @@ nav_order: 2 You can generate the configuration file using `config init --output /config/config.yml` command. -The default configuration is automatically generated if any configuration file is not provided, and is available at `/config/goma.yml` +The default configuration is automatically generated if any configuration file is not provided, and is available at `/etc/goma/goma.yml` ```shell docker run --rm --name goma-gateway \ - -v "${PWD}/config:/config" \ + -v "${PWD}/config:/etc/goma/" \ jkaninda/goma-gateway config init --output /config/config.yml ``` ### 3. Start server with a custom config ```shell docker run --rm --name goma-gateway \ - -v "${PWD}/config:/config" \ - -p 80:80 \ + -v "${PWD}/config:/etc/goma/" \ + -p 8080:8080 \ jkaninda/goma-gateway server --config /config/config.yml ``` ### 4. Healthcheck @@ -39,16 +39,16 @@ services: image: jkaninda/goma-gateway command: server healthcheck: - test: curl -f http://localhost/readyz || exit 1 + test: curl -f http://localhost/health/live || exit 1 interval: 30s retries: 5 start_period: 20s timeout: 10s ports: - - "80:80" - - "443:443" + - "8080:8080" + - "8443:8443" volumes: - - ./config:/config/ + - ./config:/etc/goma/ ``` ## Customize configuration file @@ -79,6 +79,7 @@ gateway: disableDisplayRouteOnStart: false # disableKeepAlive allows enabling and disabling KeepALive server disableKeepAlive: false + blockCommonExploits: false # interceptErrors intercepts backend errors based on defined the status codes interceptErrors: - 405 diff --git a/examples/compose.yaml b/examples/compose.yaml index 03d6e2b..3fa6a72 100644 --- a/examples/compose.yaml +++ b/examples/compose.yaml 
@@ -3,13 +3,13 @@ services:
 image: jkaninda/goma-gateway
 command: server
 healthcheck:
- test: curl -f http://localhost/readyz || exit 1
+ test: curl -f http://localhost:8080/health/live || exit 1
 interval: 30s
 retries: 5
 start_period: 20s
 timeout: 10s
 ports:
- - "80:80"
- - "443:443"
+ - "80:8080"
+ - "443:8443"
 volumes:
- - ./config:/config/
\ No newline at end of file
+ - ./config:/etc/goma/
diff --git a/examples/kubernetes.yaml b/examples/kubernetes.yaml
index c3b4df1..816c24d 100644
--- a/examples/kubernetes.yaml
+++ b/examples/kubernetes.yaml
@@ -20,24 +20,24 @@ spec:
 memory: "128Mi"
 cpu: "200m"
 ports:
- - containerPort: 80
+ - containerPort: 8080
 livenessProbe:
 httpGet:
 path: /health/live
- port: 80
+ port: 8080
 initialDelaySeconds: 15
 periodSeconds: 30
 timeoutSeconds: 10
 readinessProbe:
 httpGet:
 path: /health/live
- port: 80
+ port: 8080
 initialDelaySeconds: 15
- periodSeconds: 40
+ periodSeconds: 30
 timeoutSeconds: 10
 volumeMounts:
 - name: config
- mountPath: /config/
+ mountPath: /etc/goma/
 volumes:
 - name: config
 configMap:
diff --git a/goma.yml b/goma.yml
index 04f8f9b..19f65a7 100644
--- a/goma.yml
+++ b/goma.yml
@@ -22,6 +22,7 @@ gateway:
 disableDisplayRouteOnStart: false
 # disableKeepAlive allows enabling and disabling KeepALive server
 disableKeepAlive: false
+ blockCommonExploits: false
 # interceptErrors intercepts backend errors based on defined the status codes
 interceptErrors:
 - 405
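Review bot: The config bind mount `- ./config:/etc/goma/` on the new side of the examples/compose.yaml hunk is read-write, yet the `server` command only reads that directory and, per the middleware docs in this same commit, it holds `clientSecret` and `jwtSecret` values; mounting it as `- ./config:/etc/goma/:ro` prevents a compromised gateway process from rewriting its own configuration. The README's `config init` step writes into the same host directory, but that runs as a separate one-off container, so a read-only mount only constrains the long-running service — confirm the gateway persists nothing under /etc/goma at runtime. Separately, the healthcheck here now targets `http://localhost:8080/health/live`, while the docs/quickstart.md compose snippet in this commit still probes `http://localhost/health/live` with no port, which will fail once the listener is on 8080.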
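Review bot: The readinessProbe in the examples/kubernetes.yaml hunk still probes `path: /health/live`, the same endpoint as the livenessProbe, so the Deployment cannot tell a pod that is alive from one that is ready to route traffic — both probes flip together and a slow-starting or misconfigured gateway receives requests as soon as the process answers. If the gateway exposes a separate readiness endpoint, point the readinessProbe at it (the compose example formerly used `/readyz`, which this commit replaces, so that path may no longer exist — confirm); otherwise the duplication should be documented with a comment such as `# readiness intentionally mirrors liveness: no separate ready endpoint`. Moving the listener to `containerPort: 8080` also removes the need for a privileged port, so adding a container `securityContext` with `runAsNonRoot: true` and `allowPrivilegeEscalation: false` is a natural follow-up, provided the image runs as an unprivileged user. The Deployment spec begins above the hunk.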
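Review bot: The new `blockCommonExploits: false` key in the goma.yml hunk is the only option in this stanza without an explanatory comment, while its neighbours `disableKeepAlive` and `interceptErrors` each carry one; since goma.yml is the generated default configuration, a reader otherwise cannot learn what the switch does or that it ships disabled. Suggest `# blockCommonExploits enables the middleware that rejects requests matching common SQL injection and XSS patterns; disabled by default` above the key, wording taken from the feature list added to README.md in this commit. The same uncommented line is added to the README.md and docs/quickstart.md configuration snippets. Because this is pattern matching on request content, the comment could also note that it is a coarse filter and does not replace input validation in the backends.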