diff --git a/README.md b/README.md index 37bd0e3..b022607 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,9 @@ A collection of scripts and configuration files for our use of Nix tooling. +> [!NOTE] +> You may want to read [**this article**](https://stancl.substack.com/p/deploying-laravel-on-nixos) for more detailed information. + ## Setting up a new server This is just for getting a working NixOS installation with `/etc/nixos/configuration.nix` deployed onto a generic cloud VM. @@ -171,6 +174,24 @@ The module doesn't handle www redirects automatically. This may be added in the At this time, I'd recommend handling basic redirects like that on Cloudflare. +### Default nginx server + +Out of the box, if nginx cannot match an incoming request's host to a specific virtual host it will +just use _some_ vhost. You can prevent behavior that by adding a module like this: + +```nix +{ + services.nginx.virtualHosts."catchall" = { + default = true; + locations."/".return = "444"; + rejectSSL = true; + }; +} +``` + +This creates a `default_server` vhost that returns an empty response to any request. The name of the +vhost is irrelevant. + ### Authenticated Origin Pulls (AOP) To make your sites reachable ONLY using Cloudflare, you can use [authenticated origin diff --git a/laravel.nix b/laravel.nix index ec2d6df..30f8bd6 100644 --- a/laravel.nix +++ b/laravel.nix @@ -40,7 +40,10 @@ in { networking.firewall.allowedTCPPorts = [ 80 ] ++ lib.optionals ssl [ 443 ]; # Create welcome message for user + # todo: the created /etc file should ideally be 0750 environment.etc."laravel-${name}-bashrc".text = '' + export PATH="$HOME/.config/composer/vendor/bin/:$PATH" + # Laravel site welcome message echo "Welcome to ${name} Laravel site!" echo "Domains: ${lib.concatStringsSep ", " domains}"
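Review bot: In the README.md hunk that adds "### Default nginx server", the sentence "You can prevent behavior that by adding a module like this" has two words transposed and should read "You can prevent that behavior by adding a module like this". The closing paragraph also explains only the `locations."/".return = "444"` line: `rejectSSL = true` is set in the snippet but never described. Add a sentence saying what it does for HTTPS connections to the catch-all vhost, so a reader copying the block knows why both settings are there.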
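Review bot: In the laravel.nix hunk, the added `export PATH="$HOME/.config/composer/vendor/bin/:$PATH"` places a directory under the user's home ahead of every existing PATH entry, so any executable in that directory takes precedence over a system command of the same name. Appending instead (`export PATH="$PATH:$HOME/.config/composer/vendor/bin"`) keeps the composer tools reachable without that precedence. The export also sits under the "# Create welcome message for user" comment although it is not part of the message, so it deserves its own comment. Finally, the new `# todo` about 0750 leaves the file mode unchanged in this patch: either set the mode on the `environment.etc` entry here or track it somewhere more visible than a comment.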