diff --git a/little snitch/README.md b/little snitch/README.md
index e69de29..2007481 100644
--- a/little snitch/README.md	
+++ b/little snitch/README.md	
@@ -0,0 +1,19 @@
+# Little Snitch
+
+1. [Rules](#rules)
+1. [Sources](#sources)
+
+## Rules
+
+Available [complete][full ruleset] or in [parts].
+
+## Sources
+
+- [Commonly whitelisted domains]
+
+<!-- internal references-->
+[full ruleset]: rules/all.lsrules
+[parts]: rules/parts/
+
+<!-- external references -->
+[commonly whitelisted domains]: https://discourse.pi-hole.net/t/commonly-whitelisted-domains/212
diff --git a/little snitch/ruleset.lsrules b/little snitch/rules/all.lsrules
similarity index 98%
rename from little snitch/ruleset.lsrules
rename to little snitch/rules/all.lsrules
index 3294bc8..e51fbe4 100644
--- a/little snitch/ruleset.lsrules	
+++ b/little snitch/rules/all.lsrules	
@@ -52,6 +52,8 @@
                 "ocsp.godaddy.com",
                 "ocsp.pki.goog",
                 "ocsp.r2m01.amazontrust.com",
+                "ocsp.r2m02.amazontrust.com",
+                "ocsp.rootca1.amazontrust.com",
                 "ocsp.sca1b.amazontrust.com",
                 "ocsp.sectigo.com",
                 "ocsp.usertrust.com",
@@ -193,7 +195,7 @@
             "action": "allow",
             "notes": "Allow Spotify to advertise its capabilities on the local network.",
             "ports": "1900",
-            "process": "/Users/mek/Applications/Spotify.app/Contents/MacOS/Spotify",
+            "process": "/Applications/Spotify.app/Contents/MacOS/Spotify",
             "protocol": "udp",
             "remote-addresses": "239.255.255.250"
         },
@@ -210,6 +212,8 @@
                 "ocsp.godaddy.com",
                 "ocsp.pki.goog",
                 "ocsp.r2m01.amazontrust.com",
+                "ocsp.r2m02.amazontrust.com",
+                "ocsp.rootca1.amazontrust.com",
                 "ocsp.sca1b.amazontrust.com",
                 "ocsp.sectigo.com",
                 "ocsp.usertrust.com",
diff --git a/little snitch/build-full-ruleset.sh b/little snitch/rules/build-full-ruleset.sh
similarity index 87%
rename from little snitch/build-full-ruleset.sh
rename to little snitch/rules/build-full-ruleset.sh
index 72007b5..274bf84 100755
--- a/little snitch/build-full-ruleset.sh	
+++ b/little snitch/rules/build-full-ruleset.sh	
@@ -23,6 +23,6 @@ done
 
 jq --indent 4 -M \
 	'.rules=([inputs.rules]|flatten)' \
-	"${WORKDIR}/ruleset.lsrules" \
+	"${WORKDIR}/all.lsrules" \
 	"${WORKDIR}/parts/"*.lsrules \
-| sponge "${WORKDIR}/ruleset.lsrules"
+| sponge "${WORKDIR}/all.lsrules"
diff --git a/little snitch/parts/bitwarden.lsrules b/little snitch/rules/parts/bitwarden.lsrules
similarity index 100%
rename from little snitch/parts/bitwarden.lsrules
rename to little snitch/rules/parts/bitwarden.lsrules
diff --git a/little snitch/parts/firefox.lsrules b/little snitch/rules/parts/firefox.lsrules
similarity index 100%
rename from little snitch/parts/firefox.lsrules
rename to little snitch/rules/parts/firefox.lsrules
diff --git a/little snitch/parts/gpg-suite.lsrules b/little snitch/rules/parts/gpg-suite.lsrules
similarity index 100%
rename from little snitch/parts/gpg-suite.lsrules
rename to little snitch/rules/parts/gpg-suite.lsrules
diff --git a/little snitch/parts/iterm2.lsrules b/little snitch/rules/parts/iterm2.lsrules
similarity index 100%
rename from little snitch/parts/iterm2.lsrules
rename to little snitch/rules/parts/iterm2.lsrules
diff --git a/little snitch/parts/keybase.lsrules b/little snitch/rules/parts/keybase.lsrules
similarity index 100%
rename from little snitch/parts/keybase.lsrules
rename to little snitch/rules/parts/keybase.lsrules
diff --git a/little snitch/parts/little-snitch.lsrules b/little snitch/rules/parts/little-snitch.lsrules
similarity index 100%
rename from little snitch/parts/little-snitch.lsrules
rename to little snitch/rules/parts/little-snitch.lsrules
diff --git a/little snitch/parts/logi-options-plus.lsrules b/little snitch/rules/parts/logi-options-plus.lsrules
similarity index 100%
rename from little snitch/parts/logi-options-plus.lsrules
rename to little snitch/rules/parts/logi-options-plus.lsrules
diff --git a/little snitch/parts/raspberrypi-imager.lsrules b/little snitch/rules/parts/raspberrypi-imager.lsrules
similarity index 100%
rename from little snitch/parts/raspberrypi-imager.lsrules
rename to little snitch/rules/parts/raspberrypi-imager.lsrules
diff --git a/little snitch/parts/spotify.lsrules b/little snitch/rules/parts/spotify.lsrules
similarity index 79%
rename from little snitch/parts/spotify.lsrules
rename to little snitch/rules/parts/spotify.lsrules
index 94ac25d..9a15f7a 100644
--- a/little snitch/parts/spotify.lsrules	
+++ b/little snitch/rules/parts/spotify.lsrules	
@@ -6,7 +6,7 @@
             "action": "allow",
             "notes": "Allow Spotify to advertise its capabilities on the local network.",
             "ports": "1900",
-            "process": "/Users/mek/Applications/Spotify.app/Contents/MacOS/Spotify",
+            "process": "/Applications/Spotify.app/Contents/MacOS/Spotify",
             "protocol": "udp",
             "remote-addresses": "239.255.255.250"
         }
diff --git a/little snitch/parts/template.lsrules b/little snitch/rules/parts/template.lsrules
similarity index 100%
rename from little snitch/parts/template.lsrules
rename to little snitch/rules/parts/template.lsrules
diff --git a/little snitch/parts/vivaldi.lsrules b/little snitch/rules/parts/vivaldi.lsrules
similarity index 100%
rename from little snitch/parts/vivaldi.lsrules
rename to little snitch/rules/parts/vivaldi.lsrules
diff --git a/little snitch/parts/vscode.lsrules b/little snitch/rules/parts/vscode.lsrules
similarity index 100%
rename from little snitch/parts/vscode.lsrules
rename to little snitch/rules/parts/vscode.lsrules
diff --git a/little snitch/parts/whatsapp.lsrules b/little snitch/rules/parts/whatsapp.lsrules
similarity index 100%
rename from little snitch/parts/whatsapp.lsrules
rename to little snitch/rules/parts/whatsapp.lsrules