diff --git a/rproxy b/rproxy
index 12f524f..01e994c 100644
--- a/rproxy
+++ b/rproxy
@@ -3,7 +3,7 @@
 # Публикация локальных сервисов через SSH-туннели + nginx на VPS
 # http://5.104.75.50:3000/Petro1990/rProxy
 
-VERSION="1.3.5"
+VERSION="1.3.6"
 CONF_DIR="/opt/etc/rproxy"
 CONF_FILE="$CONF_DIR/rproxy.conf"
 SERVICES_DIR="$CONF_DIR/services"
@@ -541,10 +541,6 @@ do_add_interactive() {
         proxy_set_header Origin \"http://$router_ip\";
         proxy_set_header Referer \"http://$router_ip/\";
         proxy_set_header X-NDM-Realm \"Keenetic\";
-        proxy_set_header X-Requested-With XMLHttpRequest;
-
-        # Скрываем заголовки роутера, чтобы они не конфликтовали с нашими
-        proxy_hide_header WWW-Authenticate;
     }
 
     location @auth_required {
@@ -561,6 +557,7 @@ do_add_interactive() {
 server {
     listen 80;
     server_name "$domain";
+    recursive_error_pages on;
 
     proxy_buffering off;
     proxy_request_buffering off;
@@ -570,7 +567,7 @@ server {
 
     location / {
         $( [ "$use_ndm_auth" = "yes" ] && echo "auth_request /rproxy_auth;" )
-        $( [ "$use_ndm_auth" = "yes" ] && echo "error_page 401 = @auth_required;" )
+        $( [ "$use_ndm_auth" = "yes" ] && echo "error_page 401 403 = @auth_required;" )
         proxy_pass http://127.0.0.1:$tunnel_port;
         proxy_http_version 1.1;
         proxy_set_header Upgrade \$http_upgrade;
@@ -603,6 +600,7 @@ NGINXEOF
         cat > "$tmp" << NGINXEOF
 server {
     listen $ext_port;
+    recursive_error_pages on;
 
     proxy_buffering off;
     proxy_request_buffering off;
@@ -612,7 +610,7 @@ server {
 
     location / {
         $( [ "$use_ndm_auth" = "yes" ] && echo "auth_request /rproxy_auth;" )
-        $( [ "$use_ndm_auth" = "yes" ] && echo "error_page 401 = @auth_required;" )
+        $( [ "$use_ndm_auth" = "yes" ] && echo "error_page 401 403 = @auth_required;" )
         proxy_pass http://127.0.0.1:$tunnel_port;
         proxy_http_version 1.1;
         proxy_set_header Upgrade \$http_upgrade;