diff --git a/doc/EN/app_gnusocial.org b/doc/EN/app_gnusocial.org
index f1cdd83b..429dc85f 100644
--- a/doc/EN/app_gnusocial.org
+++ b/doc/EN/app_gnusocial.org
@@ -90,3 +90,9 @@ And as a quick reference the main keys are:
 | CTRL-c CTRL-h | Highlight          |
 | CTRL-c CTRL-r | Show replies       |
 | CTRL-c CTRL-f | Friends timeline   |
+
+
+* Blocking controls
+The biggest hazard with GNU Social is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the *Administrator control panel* and selecting *Domain and user blocking*, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage.
+
+If you want to block a particular user then select *Block a domain or user* and enter the user in the format *username@domaintoblock* (similar to an email address).
diff --git a/doc/EN/app_postactiv.org b/doc/EN/app_postactiv.org
index b879870a..0af1dede 100644
--- a/doc/EN/app_postactiv.org
+++ b/doc/EN/app_postactiv.org
@@ -37,3 +37,8 @@ If you have just obtained a Lets Encrypt certificate as above then go to *About*
 To see the login password for your site go to *Passwords* on the *Administrator control panel* and select the appropriate username and app. The passwords will be different for each user and may not be the same as the password which you used to originally ssh into the system.
 
 Navigate to your PostActiv domain name and log in.
+
+* Blocking controls
+The biggest hazard with PostActiv is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "/whole known network/" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the *Administrator control panel* and selecting *Domain and user blocking*, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage.
+
+If you want to block a particular user then select *Block a domain or user* and enter the user in the format *username@domaintoblock* (similar to an email address).
diff --git a/website/EN/app_gnusocial.html b/website/EN/app_gnusocial.html
index 5d1a790e..beb91695 100644
--- a/website/EN/app_gnusocial.html
+++ b/website/EN/app_gnusocial.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2017-04-11 Tue 21:13 -->
+<!-- 2017-04-27 Thu 15:39 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
 <title></title>
@@ -270,9 +270,9 @@ You should regard anything posted to GNU Social as being <i>public communication
 </div>
 
 
-<div id="outline-container-orgc680dd2" class="outline-2">
-<h2 id="orgc680dd2">Installation</h2>
-<div class="outline-text-2" id="text-orgc680dd2">
+<div id="outline-container-org9b60c2d" class="outline-2">
+<h2 id="org9b60c2d">Installation</h2>
+<div class="outline-text-2" id="text-org9b60c2d">
 <p>
 Log into your system with:
 </p>
@@ -297,9 +297,9 @@ After the install has completed go to <b>Security settings</b> and select <b>Cre
 </div>
 
 
-<div id="outline-container-org41dfd7f" class="outline-2">
-<h2 id="org41dfd7f">Initial setup</h2>
-<div class="outline-text-2" id="text-org41dfd7f">
+<div id="outline-container-org8e7708d" class="outline-2">
+<h2 id="org8e7708d">Initial setup</h2>
+<div class="outline-text-2" id="text-org8e7708d">
 <p>
 If you have just obtained a Lets Encrypt certificate as above then go to <b>About</b> on the administrator control panel and you should see your GNU Social domain listed there along with an onion address. You can then navigate to your site in a browser.
 </p>
@@ -327,9 +327,9 @@ GNU Social has a clutter-free mobile user interface which can be accessed via a
 </div>
 
 
-<div id="outline-container-org5508d10" class="outline-2">
-<h2 id="org5508d10">Using with Emacs</h2>
-<div class="outline-text-2" id="text-org5508d10">
+<div id="outline-container-org1384126" class="outline-2">
+<h2 id="org1384126">Using with Emacs</h2>
+<div class="outline-text-2" id="text-org1384126">
 <div class="org-center">
 
 <div class="figure">
@@ -419,6 +419,20 @@ And as a quick reference the main keys are:
 </table>
 </div>
 </div>
+
+
+<div id="outline-container-org15f73b7" class="outline-2">
+<h2 id="org15f73b7">Blocking controls</h2>
+<div class="outline-text-2" id="text-org15f73b7">
+<p>
+The biggest hazard with GNU Social is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "whole known network" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the <b>Administrator control panel</b> and selecting <b>Domain and user blocking</b>, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage.
+</p>
+
+<p>
+If you want to block a particular user then select <b>Block a domain or user</b> and enter the user in the format <b>username@domaintoblock</b> (similar to an email address).
+</p>
+</div>
+</div>
 </div>
 <div id="postamble" class="status">
 
diff --git a/website/EN/app_postactiv.html b/website/EN/app_postactiv.html
index 3247c462..b21fc8bc 100644
--- a/website/EN/app_postactiv.html
+++ b/website/EN/app_postactiv.html
@@ -3,7 +3,7 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2016-11-14 Mon 21:44 -->
+<!-- 2017-04-27 Thu 15:39 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
 <title></title>
@@ -71,6 +71,7 @@
   pre.src-fortran:before { content: 'Fortran'; }
   pre.src-gnuplot:before { content: 'gnuplot'; }
   pre.src-haskell:before { content: 'Haskell'; }
+  pre.src-hledger:before { content: 'hledger'; }
   pre.src-java:before { content: 'Java'; }
   pre.src-js:before { content: 'Javascript'; }
   pre.src-latex:before { content: 'LaTeX'; }
@@ -188,7 +189,7 @@
 @licstart  The following is the entire license notice for the
 JavaScript code in this tag.
 
-Copyright (C) 2012-2013 Free Software Foundation, Inc.
+Copyright (C) 2012-2017 Free Software Foundation, Inc.
 
 The JavaScript code in this tag is free software: you can
 redistribute it and/or modify it under the terms of the GNU
@@ -251,16 +252,16 @@ for the JavaScript code in this tag.
 PostActiv is a fork of <a href="./app_gnusocial.html">GNU Social</a> which includes some extra fixes and optimisations to improve performance. It federates just like GNU Social does and so whether you choose GNU Social or PostActiv is really just down to personal prefernce.
 </p>
 
-<div id="outline-container-org0c08778" class="outline-2">
-<h2 id="org0c08778">Installation</h2>
-<div class="outline-text-2" id="text-org0c08778">
+<div id="outline-container-org6b70798" class="outline-2">
+<h2 id="org6b70798">Installation</h2>
+<div class="outline-text-2" id="text-org6b70798">
 <p>
 Log into your system with:
 </p>
 
 <div class="org-src-container">
-<pre class="src src-bash">ssh myusername@mydomain -p 2222
-</pre>
+<pre><code class="src src-bash">ssh myusername@mydomain -p 2222
+</code></pre>
 </div>
 
 <p>
@@ -277,27 +278,35 @@ After the install has completed go to <b>Security settings</b> and select <b>Cre
 </div>
 </div>
 
-<div id="outline-container-orgca84b5b" class="outline-2">
-<h2 id="orgca84b5b">Initial setup</h2>
-<div class="outline-text-2" id="text-orgca84b5b">
+<div id="outline-container-org6e69d34" class="outline-2">
+<h2 id="org6e69d34">Initial setup</h2>
+<div class="outline-text-2" id="text-org6e69d34">
 <p>
 If you have just obtained a Lets Encrypt certificate as above then go to <b>About</b> on the administrator control panel and you should see your Postactiv domain listed there along with an onion address. You can then navigate to your site in a browser.
 </p>
 
 <p>
-If you installed the system using a disk image then you can log in using the username and password which was originally shown when you installed the system. If you didn't install from a disk image then a new random password will be generated for each site and stored within a readme file. If you need to view that file then exit to the user control panel, select <b>Exit to the command line</b> and then run:
+To see the login password for your site go to <b>Passwords</b> on the <b>Administrator control panel</b> and select the appropriate username and app. The passwords will be different for each user and may not be the same as the password which you used to originally ssh into the system.
 </p>
 
-<div class="org-src-container">
-<pre class="src src-bash">editor README
-</pre>
-</div>
-
 <p>
 Navigate to your PostActiv domain name and log in.
 </p>
 </div>
 </div>
+
+<div id="outline-container-orgcf16494" class="outline-2">
+<h2 id="orgcf16494">Blocking controls</h2>
+<div class="outline-text-2" id="text-orgcf16494">
+<p>
+The biggest hazard with PostActiv is that it's part of a public federated communications system. This means that conversations and replies from other servers may end up in your "<i>whole known network</i>" stream. The internet being what it is, some of these could be undesirable. You can block individual users or entire domains by going to the <b>Administrator control panel</b> and selecting <b>Domain and user blocking</b>, then adding or removing entries. This blocks domains at the firewall level and also at the level of database and file storage.
+</p>
+
+<p>
+If you want to block a particular user then select <b>Block a domain or user</b> and enter the user in the format <b>username@domaintoblock</b> (similar to an email address).
+</p>
+</div>
+</div>
 </div>
 <div id="postamble" class="status">