diff --git a/src/auth_handler.cr b/src/auth_handler.cr
index 70cddac..ae5c1d0 100644
--- a/src/auth_handler.cr
+++ b/src/auth_handler.cr
@@ -29,7 +29,7 @@ class AuthHandler < Kemal::Handler
 
 		if request_path_startswith env, ["/admin", "/api/admin"]
 			unless storage.verify_admin cookie.value
-				return env.response.status_code = 401
+				env.response.status_code = 403
 			end
 		end
 
diff --git a/src/mango.cr b/src/mango.cr
index 2a7e242..f0afb3d 100644
--- a/src/mango.cr
+++ b/src/mango.cr
@@ -34,6 +34,11 @@ def hash_to_query(hash)
 	hash.map { |k, v| "#{k}=#{v}" }.join("&")
 end
 
+error 403 do |env|
+	message = "You are not authorized to visit #{env.request.path}"
+	layout "message"
+end
+
 get "/" do |env|
 	begin
 		titles = library.titles
@@ -196,10 +201,6 @@ get "/reader/:title/:entry/:page" do |env|
 			"/reader/#{title.title}/#{entry.title}/#{next_page}"
 		exit_url = "/book/#{title.title}"
 
-		pp "requesting #{page}"
-		pp "serving #{urls}"
-		pp "next url #{next_url}"
-
 		render "src/views/reader.ecr"
 	rescue
 		env.response.status_code = 404
diff --git a/src/views/message.ecr b/src/views/message.ecr
new file mode 100644
index 0000000..f882d7d
--- /dev/null
+++ b/src/views/message.ecr
@@ -0,0 +1 @@
+<p class="uk-text-lead"><%= message %></p>