diff --git a/package.json b/package.json
index bec9f3a..eb30b31 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@ { "name": "express-cart",
- "version": "1.1.4",
+ "version": "1.1.5",
 "description": "A fully functioning Node.js shopping cart with Stripe, PayPal and Authorize.net payments.", "private": false, "scripts": {
diff --git a/routes/customer.js b/routes/customer.js
index e5c8fbb..bcf4bfd 100644
--- a/routes/customer.js
+++ b/routes/customer.js
@@ -59,7 +59,7 @@ router.post('/customer/create', (req, res) => { }); // render the customer view
-router.get('/customer/view/:id?', common.restrict, (req, res) => {
+router.get('/admin/customer/view/:id?', common.restrict, (req, res) => {
 const db = req.app.db; db.customers.findOne({_id: common.getId(req.params.id)}, (err, result) => {
@@ -82,7 +82,7 @@ router.get('/customer/view/:id?', common.restrict, (req, res) => { }); // customers list
-router.get('/customers', common.restrict, (req, res) => {
+router.get('/admin/customers', common.restrict, (req, res) => {
 const db = req.app.db; db.customers.find({}).limit(20).sort({created: -1}).toArray((err, customers) => {
@@ -100,7 +100,7 @@ router.get('/customers', common.restrict, (req, res) => { }); // Filtered customers list
-router.get('/customers/filter/:search', common.restrict, (req, res, next) => {
+router.get('/admin/customers/filter/:search', common.restrict, (req, res, next) => {
 const db = req.app.db; let searchTerm = req.params.search; let customersIndex = req.app.customersIndex;
diff --git a/routes/product.js b/routes/product.js
index da93e54..aa840e9 100644
--- a/routes/product.js
+++ b/routes/product.js
@@ -6,7 +6,7 @@ const fs = require('fs'); const path = require('path'); const router = express.Router();
-router.get('/products', common.restrict, (req, res, next) => {
+router.get('/admin/products', common.restrict, (req, res, next) => {
 const db = req.app.db; // get the top results db.products.find({}).sort({'productAddedDate': -1}).limit(10).toArray((err, topResults) => {
@@ -26,7 +26,7 @@ router.get('/products', common.restrict, (req, res, next) => { }); });
-router.get('/products/filter/:search', common.restrict, (req, res, next) => {
+router.get('/admin/products/filter/:search', (req, res, next) => {
 const db = req.app.db; let searchTerm = req.params.search; let productsIndex = req.app.productsIndex;
@@ -56,7 +56,7 @@ router.get('/products/filter/:search', common.restrict, (req, res, next) => { }); // insert form
-router.get('/product/new', common.restrict, (req, res) => {
+router.get('/admin/product/new', common.restrict, common.checkAccess, (req, res) => {
 res.render('product_new', { title: 'New product', session: req.session,
@@ -74,7 +74,7 @@ router.get('/product/new', common.restrict, (req, res) => { }); // insert new product form action
-router.post('/product/insert', common.restrict, (req, res) => {
+router.post('/admin/product/insert', common.restrict, (req, res) => {
 const db = req.app.db; let doc = {
@@ -145,7 +145,7 @@ router.post('/product/insert', common.restrict, (req, res) => { }); // render the editor
-router.get('/product/edit/:id', common.restrict, (req, res) => {
+router.get('/admin/product/edit/:id', common.restrict, (req, res) => {
 const db = req.app.db; common.getImages(req.params.id, req, res, (images) => {
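Review bot: The new `/admin/products/filter/:search` route in the `@@ -26,7 +26,7 @@` hunk of routes/product.js no longer lists `common.restrict`, although the removed line had it and every other renamed route in this commit keeps it. Unless a guard for the whole `/admin` prefix is mounted elsewhere (nothing in this diff shows one), the handler now answers requests without a logged-in session and presumably returns the admin product search results. Restore the middleware: `router.get('/admin/products/filter/:search', common.restrict, (req, res, next) => {`. The handler body continues outside the hunk.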
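Review bot: `common.checkAccess` is added only to the GET form route `/admin/product/new` in the `@@ -56,7 +56,7 @@` hunk, while the routes that write (`/admin/product/insert` in the next hunk, and `/admin/product/update`, `/admin/product/delete/:id`, `/admin/product/published_state`, `/admin/product/setasmainimage` and `/admin/product/deleteimage` further down) still carry `common.restrict` alone. If `checkAccess` is a role or permission check (its definition is not in this diff), gating the form but not the form action leaves the write path open to any session that passes `restrict`. Apply it to the action as well, e.g. `router.post('/admin/product/insert', common.restrict, common.checkAccess, (req, res) => {`, and to the other mutating routes.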
@@ -176,7 +176,7 @@ router.get('/product/edit/:id', common.restrict, (req, res) => { }); // Update an existing product form action
-router.post('/product/update', common.restrict, (req, res) => {
+router.post('/admin/product/update', common.restrict, (req, res) => {
 const db = req.app.db; db.products.findOne({_id: common.getId(req.body.frmProductId)}, (err, product) => {
@@ -256,7 +256,7 @@ router.post('/product/update', common.restrict, (req, res) => { }); // delete product
-router.get('/product/delete/:id', common.restrict, (req, res) => {
+router.get('/admin/product/delete/:id', common.restrict, (req, res) => {
 const db = req.app.db; // remove the article
@@ -283,7 +283,7 @@ router.get('/product/delete/:id', common.restrict, (req, res) => { }); // update the published state based on an ajax call from the frontend
-router.post('/product/published_state', common.restrict, (req, res) => {
+router.post('/admin/product/published_state', common.restrict, (req, res) => {
 const db = req.app.db; db.products.update({_id: common.getId(req.body.id)}, {$set: {productPublished: req.body.state}}, {multi: false}, (err, numReplaced) => {
@@ -299,7 +299,7 @@ router.post('/product/published_state', common.restrict, (req, res) => { }); // set as main product image
-router.post('/product/setasmainimage', common.restrict, (req, res) => {
+router.post('/admin/product/setasmainimage', common.restrict, (req, res) => {
 const db = req.app.db; // update the productImage to the db
@@ -313,7 +313,7 @@ router.post('/product/setasmainimage', common.restrict, (req, res) => { }); // deletes a product image
-router.post('/product/deleteimage', common.restrict, (req, res) => {
+router.post('/admin/product/deleteimage', common.restrict, (req, res) => {
 const db = req.app.db; // get the productImage from the db
diff --git a/routes/user.js b/routes/user.js
index fcfde2f..000140d 100644
--- a/routes/user.js
+++ b/routes/user.js
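Review bot: `/admin/product/delete/:id` in the `@@ -256,7 +256,7 @@` hunk is still registered with `router.get` after the rename, so a product is removed by a plain GET; the same holds for `/admin/user/delete/:id` in routes/user.js. A state-changing GET can be fired by link prefetching or by a cross-site request that rides an admin's session, and CSRF token checks usually skip GET. Since the paths are changing anyway, consider `router.post('/admin/product/delete/:id', common.restrict, (req, res) => {` with the admin views submitting a form instead of a link. The handler body continues outside the hunk.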
@@ -2,9 +2,10 @@ const express = require('express'); const common = require('../lib/common'); const colors = require('colors'); const bcrypt = require('bcryptjs');
+const url = require('url');
 const router = express.Router();
-router.get('/users', common.restrict, (req, res) => {
+router.get('/admin/users', common.restrict, (req, res) => {
 const db = req.app.db; db.users.find({}).toArray((err, users) => { if(err){
@@ -25,7 +26,7 @@ router.get('/users', common.restrict, (req, res) => { }); // edit user
-router.get('/user/edit/:id', common.restrict, (req, res) => {
+router.get('/admin/user/edit/:id', common.restrict, (req, res) => {
 const db = req.app.db; db.users.findOne({_id: common.getId(req.params.id)}, (err, user) => { if(err){
@@ -54,7 +55,7 @@ router.get('/user/edit/:id', common.restrict, (req, res) => { }); // users new
-router.get('/user/new', common.restrict, (req, res) => {
+router.get('/admin/user/new', common.restrict, (req, res) => {
 res.render('user_new', { title: 'User - New', admin: true,
@@ -67,7 +68,7 @@ router.get('/user/new', common.restrict, (req, res) => { }); // delete user
-router.get('/user/delete/:id', common.restrict, (req, res) => {
+router.get('/admin/user/delete/:id', common.restrict, (req, res) => {
 const db = req.app.db; if(req.session.isAdmin === 'true'){ db.users.remove({_id: common.getId(req.params.id)}, {}, (err, numRemoved) => {
@@ -86,7 +87,7 @@ router.get('/user/delete/:id', common.restrict, (req, res) => { }); // update a user
-router.post('/user/update', common.restrict, (req, res) => {
+router.post('/admin/user/update', common.restrict, (req, res) => {
 const db = req.app.db; let isAdmin = req.body.user_admin === 'on' ? 'true' : 'false';
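Review bot: In the `@@ -86,7 +87,7 @@` hunk, `/admin/user/update` derives `isAdmin` from `req.body.user_admin` while the only middleware on the route is `common.restrict`, whereas the delete handler in the previous hunk checks `req.session.isAdmin === 'true'` before acting. The rest of the update handler is outside the hunk, so confirm that it refuses to change `isAdmin`, or to edit another user's record, unless the session belongs to an admin; otherwise any logged-in user could promote an account. Stating the expectation above the assignment would help, e.g. `// only an admin session may change isAdmin; ignore user_admin otherwise`.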
@@ -133,7 +134,7 @@ router.post('/user/update', common.restrict, (req, res) => { }); // insert a user
-router.post('/user/insert', common.restrict, (req, res) => {
+router.post('/admin/user/insert', common.restrict, (req, res) => {
 const db = req.app.db; // set the account to admin if using the setup form. Eg: First user account