diff --git a/app.rb b/app.rb
index a805f43e..556894a0 100644
--- a/app.rb
+++ b/app.rb
@@ -56,6 +56,7 @@ error do
   erb :'error'
 end
 
+# :nocov:
 get '/newindex_mockup' do
   if SimpleCache.expired?(:sites_count)
     @sites_count = SimpleCache.store :sites_count, Site.count.roundup(100), 600 # 10 Minutes
@@ -79,6 +80,15 @@ get '/profile_mockup' do
   erb :'profile_mockup', locals: {site: current_site}
 end
 
+get '/browse_mockup' do
+  erb :'browse_mockup'
+end
+
+get '/tips_mockup' do
+  erb :'tips_mockup'
+end
+# :nocov:
+
 get '/site/:username.rss' do |username|
   site = Site[username: username]
   content_type :xml
@@ -87,10 +97,7 @@ end
 
 get '/site/:username/?' do |username|
   site = Site[username: username]
-  not_found if site.nil?
-  if current_site && (site.is_blocking?(current_site) || current_site.is_blocking?(site))
-    not_found
-  end
+  not_found if site.nil? || site.is_banned
 
   @title = site.title
 
@@ -131,24 +138,14 @@ post '/site/:username/comment' do |username|
     redirect "/site/#{username}"
   end
 
-  DB.transaction do
-    site.add_profile_comment(
-      actioning_site_id: current_site.id,
-      message: params[:message]
-    )
-  end
+  site.add_profile_comment(
+    actioning_site_id: current_site.id,
+    message: params[:message]
+  )
 
   redirect "/site/#{username}"
 end
 
-get '/browse_mockup' do
-  erb :'browse_mockup'
-end
-
-get '/tips_mockup' do
-  erb :'tips_mockup'
-end
-
 get '/stats/?' do
   require_admin
 
diff --git a/models/site.rb b/models/site.rb
index 34106f57..96ea450b 100644
--- a/models/site.rb
+++ b/models/site.rb
@@ -333,9 +333,7 @@ class Site < Sequel::Model
 
   def block!(site)
     block = blockings_dataset.filter(site_id: site.id).first
-    DB.transaction do
-      add_blocking site: site
-    end
+    add_blocking site: site
   end
 
   def is_blocking?(site)
diff --git a/tests/acceptance/settings_tests.rb b/tests/acceptance/settings_tests.rb
index 06ff3d0a..b7175cd6 100644
--- a/tests/acceptance/settings_tests.rb
+++ b/tests/acceptance/settings_tests.rb
@@ -216,17 +216,65 @@ describe 'site/settings' do
     end
   end
 
+  describe 'email' do
+    include Capybara::DSL
+
+    before do
+      EmailWorker.jobs.clear
+      @email = "#{SecureRandom.uuid.gsub('-', '')}@example.com"
+      @site = Fabricate :site, email: @email
+      page.set_rack_session id: @site.id
+      visit '/settings'
+    end
+
+    it 'should change email' do
+      @new_email = "#{SecureRandom.uuid.gsub('-', '')}@example.com"
+      fill_in 'email', with: @new_email
+      click_button 'Change Email'
+      page.must_have_content /successfully changed email/i
+      @site.reload
+      @site.email.must_equal @new_email
+      EmailWorker.jobs.length.must_equal 1
+      args = EmailWorker.jobs.first['args'].first
+      args['to'].must_equal @new_email
+      args['subject'].must_match /confirm your email address/i
+      args['body'].must_match /hello #{@site.username}/i
+      args['body'].must_match /#{@site.email_confirmation_token}/
+    end
+
+    it 'should fail for invalid email address' do
+      @new_email = SecureRandom.uuid.gsub '-', ''
+      fill_in 'email', with: @new_email
+      click_button 'Change Email'
+      page.must_have_content /a valid email address is required/i
+      @site.reload
+      @site.email.wont_equal @new_email
+      EmailWorker.jobs.empty?.must_equal true
+    end
+
+    it 'should fail for existing email' do
+      @existing_email = "#{SecureRandom.uuid.gsub('-', '')}@example.com"
+      @existing_site = Fabricate :site, email: @existing_email
+
+      fill_in 'email', with: @existing_email
+      click_button 'Change Email'
+      page.must_have_content /this email address already exists on neocities/i
+      @site.reload
+      @site.email.wont_equal @new_email
+      EmailWorker.jobs.empty?.must_equal true
+    end
+  end
+
   describe 'change password' do
     include Capybara::DSL
 
     before do
       @site = Fabricate :site, password: 'derpie'
       page.set_rack_session id: @site.id
+      visit '/settings'
     end
 
     it 'should change correctly' do
-      visit '/settings'
-
       fill_in 'current_password', with: 'derpie'
       fill_in 'new_password', with: 'derpie2'
       fill_in 'new_password_confirm', with: 'derpie2'
@@ -237,5 +285,17 @@ describe 'site/settings' do
       @site.valid_password?('derpie').must_equal false
       @site.valid_password?('derpie2').must_equal true
     end
+
+    it 'should not change for invalid current password' do
+      fill_in 'current_password', with: 'dademurphy'
+      fill_in 'new_password', with: 'derpie2'
+      fill_in 'new_password_confirm', with: 'derpie2'
+      click_button 'Change Password'
+
+      page.must_have_content /provided password does not match the current one/i
+      @site.reload
+      @site.valid_password?('derpie').must_equal true
+      @site.valid_password?('derpie2').must_equal false
+    end
   end
 end
\ No newline at end of file
diff --git a/tests/acceptance/site_tests.rb b/tests/acceptance/site_tests.rb
new file mode 100644
index 00000000..e19e888d
--- /dev/null
+++ b/tests/acceptance/site_tests.rb
@@ -0,0 +1,56 @@
+require_relative './environment.rb'
+
+describe 'site page' do
+  include Capybara::DSL
+
+  after do
+    Capybara.default_driver = :rack_test
+  end
+
+  it '404s for missing site' do
+    visit '/site/failderp'
+    page.status_code.must_equal 404
+    page.must_have_content /not found/i
+  end
+
+  it 'loads site page' do
+    site = Fabricate :site
+    visit "/site/#{site.username}"
+    page.status_code.must_equal 200
+    page.must_have_content /#{site.username}/
+  end
+
+  it 'allows site blocking' do
+    Capybara.default_driver = :poltergeist
+    tag = SecureRandom.hex 10
+    blocked_site = Fabricate :site, new_tags_string: tag, created_at: 2.weeks.ago, site_changed: true
+    site = Fabricate :site
+
+    page.set_rack_session id: site.id
+
+    visit "/browse?tag=#{tag}"
+
+    page.find('.website-Gallery .title a')['href'].must_match /#{blocked_site.host}/
+
+    visit "/site/#{blocked_site.username}"
+
+    click_link 'Block'
+    click_button 'Block Site'
+
+    visit "/browse?tag=#{tag}"
+
+    page.must_have_content /no active sites found/i
+
+    site.reload
+    site.blockings.length.must_equal 1
+    site.blockings.first.site_id.must_equal blocked_site.id
+  end
+
+  it '404s if site is banned' do
+    site = Fabricate :site
+    site.ban!
+    visit "/site/#{site.username}"
+    page.status_code.must_equal 404
+    page.must_have_content /not found/i
+  end
+end
\ No newline at end of file
diff --git a/tests/environment.rb b/tests/environment.rb
index 7edf4983..4cd4a7ac 100644
--- a/tests/environment.rb
+++ b/tests/environment.rb
@@ -22,6 +22,8 @@ include WebMock::API
 require 'webmock/minitest'
 require 'sidekiq/testing'
 
+WebMock.disable_net_connect! allow_localhost: true
+
 Sinatra::Application.configure do |app|
   app.use RackSessionAccess::Middleware
 end
diff --git a/views/index.erb b/views/index.erb
index c6894fe6..0f27c476 100644
--- a/views/index.erb
+++ b/views/index.erb
@@ -19,7 +19,6 @@
   <meta property="og:image"       content=""/>
   <meta property="og:url"         content="//www.neocities.org"/>
   <meta property="og:description" content="Neocities is the new Geocities. Create your own free home page, and do whatever you want with it."/>
-  <meta content="pBkqwF1U/KpuF2+f0ZhSf8BnpxYgeU0boCTdnB3joGc=" name="csrf-token" />
 
   <link rel="shortcut icon" type="image/ico"  href="/favicon.ico" />
   <link rel="apple-touch-icon-precomposed"    href="#apple-icon-144.png" />
diff --git a/views/layout.erb b/views/layout.erb
index 10855614..4bc78fd7 100644
--- a/views/layout.erb
+++ b/views/layout.erb
@@ -14,10 +14,6 @@
     <meta property="og:url"         content="https://www.neocities.org">
     <meta property="og:description" content="Neocities is the new Geocities. Create your own free home page, and do whatever you want with it.">
 
-    <!--
-    <meta content="<%= csrf_token %>" name="csrf-token" />
-    -->
-
     <link href="/css/neo.css" rel="stylesheet" type="text/css" media="all"/>
 
     <link rel="shortcut icon" type="image/ico"  href="/favicon.ico" />