diff --git a/cmd/goatcounter/saas.go b/cmd/goatcounter/saas.go
index 5475420e..5a609204 100644
--- a/cmd/goatcounter/saas.go
+++ b/cmd/goatcounter/saas.go
@@ -80,10 +80,10 @@ func cmdSaas(f zli.Flags, ready chan<- struct{}, stop chan struct{}) error {
 		hosts := map[string]http.Handler{
 			d:          zhttp.RedirectHost("//www." + domain),
 			"www." + d: handlers.NewWebsite(db, dev),
-			"*":        handlers.NewBackend(db, acmeh, dev, c.GoatcounterCom, websocket, c.DomainStatic, 15, apiMax),
+			"*":        handlers.NewBackend(db, acmeh, dev, c.GoatcounterCom, websocket, c.DomainStatic, c.BasePath, 15, apiMax),
 		}
 		if dev {
-			hosts[znet.RemovePort(domainStatic)] = handlers.NewStatic(chi.NewRouter(), dev, true)
+			hosts[znet.RemovePort(domainStatic)] = handlers.NewStatic(chi.NewRouter(), dev, true, c.BasePath)
 		}
 
 		return doServe(ctx, db, listen, listenTLS, tlsc, hosts, stop, func() {
diff --git a/cmd/goatcounter/serve.go b/cmd/goatcounter/serve.go
index 92ec7360..b22baf9d 100644
--- a/cmd/goatcounter/serve.go
+++ b/cmd/goatcounter/serve.go
@@ -81,6 +81,12 @@ Flags:
   -public-port Port your site is publicly accessible on. Only needed if it's
                not 80 or 443.
 
+  -base-path   Path under which GoatCounter is available. Usually GoatCounter
+               runs on its own domain or subdomain ("stats.example.com"), but in
+               some cases it's useful to run GoatCounter under a path
+               ("example.com/stats"), in which case you'll need to set this to
+               "/stats".
+
   -automigrate Automatically run all pending migrations on startup.
 
   -smtp        SMTP relay server, as URL (e.g. "smtp://user:pass@server").
@@ -164,6 +170,7 @@ func cmdServe(f zli.Flags, ready chan<- struct{}, stop chan struct{}) error {
 	var (
 		// TODO(depr): -port is for compat with <2.0
 		port         = f.Int(0, "public-port", "port").Pointer()
+		basePath     = f.String("/", "base-path").Pointer()
 		domainStatic = f.String("", "static").Pointer()
 	)
 	dbConnect, dbConn, dev, automigrate, listen, flagTLS, from, websocket, apiMax, err := flagsServe(f, &v)
@@ -171,11 +178,17 @@ func cmdServe(f zli.Flags, ready chan<- struct{}, stop chan struct{}) error {
 		return err
 	}
 
-	return func(port int, domainStatic string) error {
+	return func(port int, basePath, domainStatic string) error {
 		if flagTLS == "" {
 			flagTLS = map[bool]string{true: "http", false: "acme,rdr"}[dev]
 		}
 
+		basePath = strings.Trim(basePath, "/")
+		if basePath != "" {
+			basePath = "/" + basePath
+		}
+		zhttp.BasePath = basePath
+
 		var domainCount, urlStatic string
 		if domainStatic != "" {
 			if p := strings.Index(domainStatic, ":"); p > -1 {
@@ -185,6 +198,8 @@ func cmdServe(f zli.Flags, ready chan<- struct{}, stop chan struct{}) error {
 			}
 			urlStatic = "//" + domainStatic
 			domainCount = domainStatic
+		} else {
+			urlStatic = basePath
 		}
 
 		//from := flagFrom(from, "cfg.Domain", &v)
@@ -206,17 +221,18 @@ func cmdServe(f zli.Flags, ready chan<- struct{}, stop chan struct{}) error {
 		c.DomainStatic = domainStatic
 		c.Dev = dev
 		c.URLStatic = urlStatic
+		c.BasePath = basePath
 		c.DomainCount = domainCount
 		c.Websocket = websocket
 
 		// Set up HTTP handler and servers.
 		hosts := map[string]http.Handler{
-			"*": handlers.NewBackend(db, acmeh, dev, c.GoatcounterCom, websocket, c.DomainStatic, 60, apiMax),
+			"*": handlers.NewBackend(db, acmeh, dev, c.GoatcounterCom, websocket, c.DomainStatic, c.BasePath, 60, apiMax),
 		}
 		if domainStatic != "" {
 			// May not be needed, but just in case the DomainStatic isn't an
 			// external CDN.
-			hosts[znet.RemovePort(domainStatic)] = handlers.NewStatic(chi.NewRouter(), dev, false)
+			hosts[znet.RemovePort(domainStatic)] = handlers.NewStatic(chi.NewRouter(), dev, false, c.BasePath)
 		}
 
 		cnames, err := lsSites(ctx)
@@ -238,7 +254,7 @@ func cmdServe(f zli.Flags, ready chan<- struct{}, stop chan struct{}) error {
 			}
 			ready <- struct{}{}
 		})
-	}(*port, *domainStatic)
+	}(*port, *basePath, *domainStatic)
 }
 
 func doServe(ctx context.Context, db zdb.DB,
diff --git a/context.go b/context.go
index ec99117c..6302f299 100644
--- a/context.go
+++ b/context.go
@@ -42,6 +42,7 @@ type GlobalConfig struct {
 	Domain         string
 	DomainStatic   string
 	DomainCount    string
+	BasePath       string
 	URLStatic      string
 	Dev            bool
 	GoatcounterCom bool
diff --git a/go.mod b/go.mod
index 79edde75..9e7fc139 100644
--- a/go.mod
+++ b/go.mod
@@ -35,7 +35,7 @@ require (
 	zgo.at/zcache v1.2.0
 	zgo.at/zcache/v2 v2.1.0
 	zgo.at/zdb v0.0.0-20240818155550-1a862f98cab0
-	zgo.at/zhttp v0.0.0-20240812113805-6333261ded60
+	zgo.at/zhttp v0.0.0-20240819012318-b761c83c740e
 	zgo.at/zli v0.0.0-20240614180544-47534b1ce136
 	zgo.at/zlog v0.0.0-20211017235224-dd4772ddf860
 	zgo.at/zprof v0.0.0-20211217104121-c3c12596d8f0
diff --git a/go.sum b/go.sum
index 262318ad..f37e678e 100644
--- a/go.sum
+++ b/go.sum
@@ -135,8 +135,8 @@ zgo.at/zcache/v2 v2.1.0 h1:USo+ubK+R4vtjw4viGzTe/zjXyPw6R7SK/RL3epBBxs=
 zgo.at/zcache/v2 v2.1.0/go.mod h1:gyCeoLVo01QjDZynjime8xUGHHMbsLiPyUTBpDGd4Gk=
 zgo.at/zdb v0.0.0-20240818155550-1a862f98cab0 h1:kqQjQGkuuU4Tx1Ltsb2TYC2wTgWen1chHe9OSSq68ig=
 zgo.at/zdb v0.0.0-20240818155550-1a862f98cab0/go.mod h1:hXIbV/v/ENSl5CfzICL/jpTjYb50k/gKi2kN8UeuZcY=
-zgo.at/zhttp v0.0.0-20240812113805-6333261ded60 h1:lblPmTZwREdhxVd/3sSC+AuwuzpejRHwE1uCe3BBtN4=
-zgo.at/zhttp v0.0.0-20240812113805-6333261ded60/go.mod h1:/cHu19ZTOpAvVTntj45jy52UORMnBJh+G8Gz6oIraCs=
+zgo.at/zhttp v0.0.0-20240819012318-b761c83c740e h1:XkppPemmGbgCauiZOCUpWtvPor9yiB9611AsFUoVmho=
+zgo.at/zhttp v0.0.0-20240819012318-b761c83c740e/go.mod h1:OEB7qL85qu5BBFfdmep9TTnUUb25j3aqEYYuUnmFqX4=
 zgo.at/zli v0.0.0-20240614180544-47534b1ce136 h1:Q0j5M5+5YGNaECQmKOcznyDYX3jZUCVN+c7GKUkoV8o=
 zgo.at/zli v0.0.0-20240614180544-47534b1ce136/go.mod h1:0jjx+AGEkWOOQ0NtzbMnpko+H2G+aTg8mfCKqoc/BuA=
 zgo.at/zlog v0.0.0-20211017235224-dd4772ddf860 h1:7n74jp98CwBdqGCqJoVv2+XygJ3yD43GPUivnj/RPwo=
diff --git a/handlers/backend.go b/handlers/backend.go
index 3466eae1..b17a21d1 100644
--- a/handlers/backend.go
+++ b/handlers/backend.go
@@ -19,8 +19,17 @@ import (
 	"zgo.at/zstd/zfs"
 )
 
-func NewBackend(db zdb.DB, acmeh http.HandlerFunc, dev, goatcounterCom, websocket bool, domainStatic string, dashTimeout, apiMax int) chi.Router {
-	r := chi.NewRouter()
+func NewBackend(db zdb.DB, acmeh http.HandlerFunc, dev, goatcounterCom, websocket bool,
+	domainStatic string, basePath string, dashTimeout, apiMax int,
+) chi.Router {
+
+	root := chi.NewRouter()
+	r := root
+	if basePath != "" {
+		r = chi.NewRouter()
+		root.Mount(basePath, r)
+	}
+
 	backend{dashTimeout, websocket}.Mount(r, db, dev, domainStatic, dashTimeout, apiMax)
 
 	if acmeh != nil {
@@ -28,10 +37,10 @@ func NewBackend(db zdb.DB, acmeh http.HandlerFunc, dev, goatcounterCom, websocke
 	}
 
 	if !goatcounterCom {
-		NewStatic(r, dev, goatcounterCom)
+		NewStatic(r, dev, goatcounterCom, basePath)
 	}
 
-	return r
+	return root
 }
 
 type backend struct {
diff --git a/handlers/backend_test.go b/handlers/backend_test.go
index b5111d66..7bf0d840 100644
--- a/handlers/backend_test.go
+++ b/handlers/backend_test.go
@@ -249,5 +249,5 @@ func BenchmarkCount(b *testing.B) {
 }
 
 func newBackend(db zdb.DB) chi.Router {
-	return NewBackend(db, nil, true, true, false, "example.com", 10, 0)
+	return NewBackend(db, nil, true, true, false, "example.com", "", 10, 0)
 }
diff --git a/handlers/dashboard.go b/handlers/dashboard.go
index 956c0f5e..950e3ad1 100644
--- a/handlers/dashboard.go
+++ b/handlers/dashboard.go
@@ -110,10 +110,7 @@ func (h backend) dashboard(w http.ResponseWriter, r *http.Request) error {
 
 	cd := goatcounter.Config(r.Context()).DomainCount
 	if cd == "" {
-		cd = Site(r.Context()).Domain(r.Context())
-		if goatcounter.Config(r.Context()).Port != "" {
-			cd += ":" + goatcounter.Config(r.Context()).Port
-		}
+		cd = Site(r.Context()).SchemelessURL(r.Context())
 	}
 
 	args := widgets.Args{
diff --git a/handlers/handlers.go b/handlers/handlers.go
index fb9ee4ac..6f64051b 100644
--- a/handlers/handlers.go
+++ b/handlers/handlers.go
@@ -60,6 +60,7 @@ type Globals struct {
 	User           *goatcounter.User
 	Site           *goatcounter.Site
 	Path           string
+	Base           string
 	Flash          *zhttp.FlashMessage
 	Static         string
 	StaticDomain   string
@@ -79,11 +80,17 @@ func (g Globals) T(msg string, data ...any) template.HTML {
 
 func newGlobals(w http.ResponseWriter, r *http.Request) Globals {
 	ctx := r.Context()
+	base := goatcounter.Config(ctx).BasePath
+	path := strings.TrimPrefix(r.URL.Path, base)
+	if path == "" {
+		path = "/"
+	}
 	g := Globals{
 		Context:        ctx,
 		User:           goatcounter.GetUser(ctx),
 		Site:           goatcounter.GetSite(ctx),
-		Path:           r.URL.Path,
+		Path:           path,
+		Base:           base,
 		Flash:          zhttp.ReadFlash(w, r),
 		Static:         goatcounter.Config(ctx).URLStatic,
 		Domain:         goatcounter.Config(ctx).Domain,
@@ -124,7 +131,7 @@ func newGlobals(w http.ResponseWriter, r *http.Request) Globals {
 	return g
 }
 
-func NewStatic(r chi.Router, dev, goatcounterCom bool) chi.Router {
+func NewStatic(r chi.Router, dev, goatcounterCom bool, basePath string) chi.Router {
 	var cache map[string]int
 	if !dev {
 		cache = map[string]int{
@@ -141,6 +148,9 @@ func NewStatic(r chi.Router, dev, goatcounterCom bool) chi.Router {
 	s.Header("/count.js", map[string]string{
 		"Cross-Origin-Resource-Policy": "cross-origin",
 	})
-	r.Get("/*", s.ServeHTTP)
+	r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
+		r.URL.Path = strings.TrimPrefix(r.URL.Path, basePath)
+		s.ServeHTTP(w, r)
+	})
 	return r
 }
diff --git a/handlers/i18n.go b/handlers/i18n.go
index 5cd48d1e..e14c6802 100644
--- a/handlers/i18n.go
+++ b/handlers/i18n.go
@@ -140,7 +140,7 @@ func (h i18n) show(w http.ResponseWriter, r *http.Request) error {
 
 	return zhttp.Template(w, "i18n_show.gohtml", struct {
 		Globals
-		Base       msgfile.File
+		BaseFile   msgfile.File
 		File       msgfile.File
 		TOMLFile   string
 		FormatLink func(string) string
diff --git a/handlers/mw.go b/handlers/mw.go
index e8d4e822..2fa9c326 100644
--- a/handlers/mw.go
+++ b/handlers/mw.go
@@ -37,7 +37,7 @@ var Started time.Time
 var (
 	redirect = func(w http.ResponseWriter, r *http.Request) error {
 		zhttp.Flash(w, "Need to log in")
-		return guru.Errorf(303, "/user/new")
+		return guru.Errorf(303, goatcounter.Config(r.Context()).BasePath+"/user/new")
 	}
 
 	loggedIn = auth.Filter(func(w http.ResponseWriter, r *http.Request) error {
@@ -76,7 +76,7 @@ var (
 				Secure:   zhttp.CookieSecure,
 				SameSite: zhttp.CookieSameSite,
 			})
-			return guru.Errorf(303, "/")
+			return guru.Errorf(303, goatcounter.Config(r.Context()).BasePath+"/")
 		}
 		if c, err := r.Cookie("access-token"); err == nil && s.Settings.CanView(c.Value) {
 			return nil
@@ -220,7 +220,7 @@ func addctx(db zdb.DB, loadSite bool, dashTimeout int) func(http.Handler) http.H
 
 func noSites(db zdb.DB, w http.ResponseWriter, r *http.Request) {
 	if r.URL.Path != "/" {
-		w.Header().Set("Location", "/")
+		w.Header().Set("Location", goatcounter.Config(r.Context()).BasePath+"/")
 		w.WriteHeader(307)
 		return
 	}
@@ -302,11 +302,12 @@ func noSites(db zdb.DB, w http.ResponseWriter, r *http.Request) {
 	}
 
 	err := zhttp.Template(w, "serve_newsite.gohtml", struct {
+		Globals
 		Validate *zvalidate.Validator
 		Error    error
 		Email    string
 		Cname    string
-	}{&v, tplErr, args.Email, args.Cname})
+	}{newGlobals(w, r), &v, tplErr, args.Email, args.Cname})
 	if err != nil {
 		zlog.Error(err)
 	}
diff --git a/handlers/user.go b/handlers/user.go
index cd94a12d..321deaaa 100644
--- a/handlers/user.go
+++ b/handlers/user.go
@@ -536,7 +536,7 @@ func (h user) verify(w http.ResponseWriter, r *http.Request) error {
 	return zhttp.SeeOther(w, "/")
 }
 
-// Make sure to use the currect cookie, since both "custom.example.com" and
+// Make sure to use the correct cookie, since both "custom.example.com" and
 // "example.goatcounter.com" will work if you're using a custom domain.
 func cookieDomain(site *goatcounter.Site, r *http.Request) string {
 	if r.Host == site.Domain(r.Context()) {
diff --git a/handlers/website.go b/handlers/website.go
index 9e9e0ce3..03923062 100644
--- a/handlers/website.go
+++ b/handlers/website.go
@@ -394,7 +394,7 @@ func (h website) doSignup(w http.ResponseWriter, r *http.Request) error {
 		}
 	})
 
-	return zhttp.SeeOther(w, fmt.Sprintf("%s/user/new", site.URL(r.Context())))
+	return zhttp.SeeOther(w, site.URL(r.Context())+"/user/new")
 }
 
 func (h website) forgot(err error, email, turingTest string) zhttp.HandlerFunc {
@@ -481,11 +481,7 @@ func (h website) help(w http.ResponseWriter, r *http.Request) error {
 
 	dc := goatcounter.Config(r.Context()).DomainCount
 	if dc == "" {
-		dc = Site(r.Context()).Domain(r.Context())
-		port := goatcounter.Config(r.Context()).Port
-		if port != "" {
-			dc += port
-		}
+		dc = Site(r.Context()).SchemelessURL(r.Context())
 	}
 
 	cp := chi.URLParam(r, "*")
diff --git a/public/backend.js b/public/backend.js
index 696fc248..3df65611 100644
--- a/public/backend.js
+++ b/public/backend.js
@@ -8,6 +8,7 @@
 	$(document).ready(function() {
 		window.I18N              = JSON.parse($('#js-i18n').text())
 		window.USER_SETTINGS     = JSON.parse($('#js-settings').text())
+		window.BASE_PATH         = $('#js-settings').attr('data-base-path') || ""
 		window.CSRF              = $('#js-settings').attr('data-csrf')
 		window.TZ_OFFSET         = parseInt($('#js-settings').attr('data-offset'), 10) || 0
 		window.SITE_FIRST_HIT_AT = $('#js-settings').attr('data-first-hit-at') * 1000
@@ -25,9 +26,9 @@
 	var report_errors = function() {
 		window.onerror = on_error
 		$(document).on('ajaxError', function(e, xhr, settings, err) {
-			if (settings.url === '/jserr')  // Just in case, otherwise we'll be stuck.
+			if (settings.url === BASE_PATH + '/jserr')  // Just in case, otherwise we'll be stuck.
 				return
-			if (settings.url === '/load-widget')
+			if (settings.url === BASE_PATH + '/load-widget')
 				return
 			var msg = T("error/load-url", {url: settings.url, error: err})
 			console.error(msg)
@@ -53,7 +54,7 @@
 			return
 
 		jQuery.ajax({
-			url:    '/jserr',
+			url:    BASE_PATH + '/jserr',
 			method: 'POST',
 			data:    {msg: msg, url: url, line: line, column: column, stack: (err||{}).stack, ua: navigator.userAgent, loc: window.location+''},
 		})
@@ -125,7 +126,7 @@
 			e.preventDefault()
 
 			jQuery.ajax({
-				url:     '/settings/main/ip',
+				url:     BASE_PATH + '/settings/main/ip',
 				success: function(data) {
 					var input   = $('[name="settings.ignore_ips"]'),
 						current = input.val().split(',').
@@ -161,7 +162,7 @@
 
 		// Update redirect link.
 		$('#settings-secret').on('change', function(e) {
-			$('#secret-url').val(`${location.protocol}//${location.host}?access-token=${this.value}`)
+			$('#secret-url').val(`${location.protocol}//${location.host}${BASE_PATH}?access-token=${this.value}`)
 		}).trigger('change')
 	}
 
@@ -193,7 +194,7 @@
 				return
 
 			jQuery.ajax({
-				url:     '/user/dashboard/widget/' + this.selectedOptions[0].value,
+				url:     BASE_PATH + '/user/dashboard/widget/' + this.selectedOptions[0].value,
 				success: function(data) {
 					var i    = 1 + $('.index').toArray().map((e) => parseInt(e.value, 10)).sort().pop(),
 						html = $(data.replace(/widgets([\[_])0([\]_])/g, `widgets$1${i}$2`))
diff --git a/public/dashboard.js b/public/dashboard.js
index 37cbdf14..b13e8f6c 100644
--- a/public/dashboard.js
+++ b/public/dashboard.js
@@ -26,7 +26,7 @@
 			return
 
 		let cid  = $('#js-connect-id').text()
-		window.WEBSOCKET = new WebSocket((location.protocol === 'https:' ? 'wss://' : 'ws://') + document.location.host + '/loader?id=' + cid)
+		window.WEBSOCKET = new WebSocket((location.protocol === 'https:' ? 'wss://' : 'ws://') + document.location.host + BASE_PATH + '/loader?id=' + cid)
 		window.WEBSOCKET.onmessage = function(e) {
 			let msg = JSON.parse(e.data),
 				wid = $(`#dash-widgets div[data-widget=${msg.id}]`)
@@ -47,7 +47,7 @@
 				btn    = $(this),
 				pos    = btn.offset(),
 				wid    = btn.closest('[data-widget]').attr('data-widget'),
-				url    = '/user/dashboard/' + wid,
+				url    = BASE_PATH + '/user/dashboard/' + wid,
 				remove = function() {
 					pop.remove()
 					$(document.body).off('.unpop')
@@ -94,7 +94,7 @@
 		data['total']  = $('.js-total-utc').text()
 
 		jQuery.ajax({
-			url:  '/load-widget',
+			url:  BASE_PATH + '/load-widget',
 			type: 'get',
 			data: append_period(data),
 			success: function(data) {
@@ -112,7 +112,7 @@
 	// Reload all widgets on the dashboard.
 	var reload_dashboard = function(done) {
 		jQuery.ajax({
-			url:     '/',
+			url:     BASE_PATH + '/',
 			data:    append_period({
 				daily:     $('#daily').is(':checked'),
 				max:       get_original_scale(),
@@ -326,7 +326,7 @@
 
 			var done = paginate_button($(this), () => {
 				jQuery.ajax({
-					url:    '/user/view',
+					url:    BASE_PATH + '/user/view',
 					method: 'POST',
 					data: {
 						csrf:      CSRF,
@@ -387,7 +387,7 @@
 			$('.list-ref-pages').remove()
 			var done = paginate_button(btn, () => {
 				jQuery.ajax({
-					url: '/pages-by-ref',
+					url: BASE_PATH + '/pages-by-ref',
 					data: append_period({name: btn.text()}),
 					success: function(data) {
 						p.append(data.html)
@@ -677,7 +677,7 @@
 				pages = $(this).closest('.pages-list')
 			let done = paginate_button(btn, () => {
 				jQuery.ajax({
-					url:  '/load-widget',
+					url:  BASE_PATH + '/load-widget',
 					data: append_period({
 						widget:    pages.attr('data-widget'),
 						daily:     $('#daily').is(':checked'),
@@ -752,7 +752,7 @@
 			push_query({showrefs: path})
 			let done = paginate_button(btn , () => {
 				jQuery.ajax({
-					url:   '/load-widget',
+					url:   BASE_PATH + '/load-widget',
 					data: append_period({
 						widget: widget,
 						key:    path,
@@ -806,7 +806,7 @@
 				rows.data('pagesize', rows.children().length)
 			let done = paginate_button($(this), () => {
 				jQuery.ajax({
-					url:  '/load-widget',
+					url:  BASE_PATH + '/load-widget',
 					data: append_period({
 						widget: chart.attr('data-widget'),
 						total:  get_total(),
@@ -840,7 +840,7 @@
 			l.addClass('loading')
 			var done = paginate_button(l, () => {
 				jQuery.ajax({
-					url:     '/load-widget',
+					url:     BASE_PATH + '/load-widget',
 					data:    append_period({
 						widget: widget,
 						key:    key,
diff --git a/public/help.js b/public/help.js
index a1f8fcf9..0a0402a3 100644
--- a/public/help.js
+++ b/public/help.js
@@ -1,5 +1,7 @@
+let helpIndex = window.location.pathname.lastIndexOf('/help');
+let basePath = window.location.pathname.slice(0, helpIndex === -1 ? 0 : helpIndex)
 document.querySelector('select').addEventListener('change', function(e) {
-	window.location = '/code/' + this.value
+	window.location = basePath + '/help/' + this.value
 })
 document.querySelector('.show-contact').addEventListener('click', function(e) {
 	e.preventDefault()
@@ -26,7 +28,7 @@ if (expand)
 			})
 	})
 
-if (window.location.pathname === '/help/visitor-counter') {
+if (window.location.pathname === basePath + '/help/visitor-counter') {
 	var t = setInterval(function() {
 		if (window.goatcounter && window.goatcounter.visit_count) {
 			clearInterval(t)
diff --git a/public/shared.css b/public/shared.css
index 9ca52131..6b990dfb 100644
--- a/public/shared.css
+++ b/public/shared.css
@@ -1,23 +1,4 @@
 /*** Fonts ***/
-@font-face {
-	font-family: 'Lato'; font-style: normal; font-weight: 400; font-display: fallback;
-	src: local('Lato'), local('Lato Regular'),
-		url('/fonts/latolatin.woff2') format('woff2'),
-		url('./fonts/latolatin.woff2') format('woff2');
-}
-@font-face {
-	font-family: 'Lato'; font-style: normal; font-weight: 700; font-display: fallback;
-	src: local('Lato Bold'), local('Lato Bold'),
-		url('/fonts/latolatin-bold.woff2') format('woff2'),
-		url('./fonts/latolatin-bold.woff2') format('woff2');
-}
-@font-face {
-	font-family: 'Lato'; font-style: italic; font-weight: 400; font-display: fallback;
-	src: local('Lato Italic'), local('Lato Italic'),
-		url('/fonts/latolatin-italic.woff2') format('woff2'),
-		url('./fonts/latolatin-italic.woff2') format('woff2');
-}
-
 html { font: 16px/150% 'Lato', sans-serif; text-size-adjust: none; -webkit-text-size-adjust: none;
        background-color: var(--backdrop); color: var(--text); tab-size: 4; }
 html, body { margin: 0; }
diff --git a/settings.go b/settings.go
index c3249ef6..9842da8e 100644
--- a/settings.go
+++ b/settings.go
@@ -405,7 +405,7 @@ func (ss SiteSettings) CollectFlags(ctx context.Context) []CollectFlag {
 	return []CollectFlag{
 		{
 			Label: z18n.T(ctx, "data-collect/label/sessions|Sessions"),
-			Help:  z18n.T(ctx, "data-collect/help/sessions|%[Track unique visitors] for up to 8 hours; if you disable this then someone pressing e.g. F5 to reload the page will just show as 2 pageviews instead of 1.", z18n.Tag("a", `href="/help/sessions"`)),
+			Help:  z18n.T(ctx, "data-collect/help/sessions|%[Track unique visitors] for up to 8 hours; if you disable this then someone pressing e.g. F5 to reload the page will just show as 2 pageviews instead of 1.", z18n.Tag("a", fmt.Sprintf(`href="%s/help/sessions"`, Config(ctx).BasePath))),
 			Flag:  CollectSession,
 		},
 		{
diff --git a/site.go b/site.go
index 34d7cb9c..583d88f0 100644
--- a/site.go
+++ b/site.go
@@ -523,17 +523,22 @@ func (s Site) Display(ctx context.Context) string {
 	return fmt.Sprintf("%s.%s", s.Code, znet.RemovePort(Config(ctx).Domain))
 }
 
-// URL to this site.
-func (s Site) URL(ctx context.Context) string {
+// URL to this site, without the scheme.
+func (s Site) SchemelessURL(ctx context.Context) string {
 	if s.Cname != nil && s.CnameSetupAt != nil {
-		return fmt.Sprintf("http%s://%s%s",
-			map[bool]string{true: "", false: "s"}[Config(ctx).Dev],
-			*s.Cname, Config(ctx).Port)
+		return *s.Cname + Config(ctx).Port + Config(ctx).BasePath
 	}
 
-	return fmt.Sprintf("http%s://%s.%s%s",
-		map[bool]string{true: "", false: "s"}[Config(ctx).Dev],
-		s.Code, Config(ctx).Domain, Config(ctx).Port)
+	return fmt.Sprintf("%s.%s%s%s",
+		s.Code, Config(ctx).Domain, Config(ctx).Port, Config(ctx).BasePath)
+}
+
+// URL to this site.
+func (s Site) URL(ctx context.Context) string {
+	if Config(ctx).Dev {
+		return "http://" + s.SchemelessURL(ctx)
+	}
+	return "https://" + s.SchemelessURL(ctx)
 }
 
 // LinkDomainURL creates a valid url to the configured LinkDomain.
diff --git a/tpl/_backend_bottom.gohtml b/tpl/_backend_bottom.gohtml
index 31da781b..1f506a36 100644
--- a/tpl/_backend_bottom.gohtml
+++ b/tpl/_backend_bottom.gohtml
@@ -8,6 +8,7 @@
 		data-offset="{{.User.Settings.Timezone.Offset}}"
 		data-first-hit-at="{{.Site.FirstHitAt.Unix}}"
 		data-websocket="{{.Websocket}}"
+		{{if .Base}}data-base-path="{{.Base}}"{{end}}
 		{{if .User.ID}}data-csrf="{{.User.CSRFToken}}"{{end}}
 	>
 		{{- .User.Settings.String | unsafe_js -}}
diff --git a/tpl/_backend_signin.gohtml b/tpl/_backend_signin.gohtml
index 712e7608..6b212a98 100644
--- a/tpl/_backend_signin.gohtml
+++ b/tpl/_backend_signin.gohtml
@@ -1,4 +1,4 @@
-<form method="post" action="/user/requestlogin" class="vertical">
+<form method="post" action="{{.Base}}/user/requestlogin" class="vertical">
 	<label for="email">{{.T "label/email-address|Email address"}}</label>
 	<input type="email" name="email" id="email" value="{{.Email}}" autofocus required><br>
 
@@ -7,4 +7,4 @@
 	<button>{{.T "button/sign-in|Sign in"}}</button>
 </form>
 
-<p><a href="/user/forgot">{{.T "button/forgot-password|Forgot password?"}}</a></p>
+<p><a href="{{.Base}}/user/forgot">{{.T "button/forgot-password|Forgot password?"}}</a></p>
diff --git a/tpl/_backend_top.gohtml b/tpl/_backend_top.gohtml
index ec4e7db7..c1ae085c 100644
--- a/tpl/_backend_top.gohtml
+++ b/tpl/_backend_top.gohtml
@@ -12,6 +12,23 @@
 		<link rel="stylesheet" href="{{.Static}}/vars.css?v={{.Version}}">
 		<link rel="stylesheet" href="{{.Static}}/dark.css?v={{.Version}}" media="(prefers-color-scheme: dark)">
 	{{end}}
+	<style>
+		@font-face {
+			font-family: 'Lato'; font-style: normal; font-weight: 400; font-display: fallback;
+			src: local('Lato'), local('Lato Regular'),
+				url('{{.Static}}/fonts/latolatin.woff2') format('woff2');
+		}
+		@font-face {
+			font-family: 'Lato'; font-style: normal; font-weight: 700; font-display: fallback;
+			src: local('Lato Bold'), local('Lato Bold'),
+				url('{{.Static}}/fonts/latolatin-bold.woff2') format('woff2');
+		}
+		@font-face {
+			font-family: 'Lato'; font-style: italic; font-weight: 400; font-display: fallback;
+			src: local('Lato Italic'), local('Lato Italic'),
+				url('{{.Static}}/fonts/latolatin-italic.woff2') format('woff2');
+		}
+	</style>
 	<link rel="stylesheet" href="{{.Static}}/shared.css?v={{.Version}}">
 	<link rel="stylesheet" href="{{.Static}}/pikaday.css?v={{.Version}}">
 	<link rel="stylesheet" href="{{.Static}}/backend.css?v={{.Version}}">
@@ -45,29 +62,29 @@
 								{{range $i, $s := .SubSites -}}
 									{{- if gt $i 0 -}}|{{- end -}}
 									{{if $.GoatcounterCom}} <a{{if eq $s $.Site.Code}} class="active"{{end}} href="//{{$s}}.{{$.Domain}}{{$.Port}}">{{$s}}</a>
-									{{else}} <a{{if eq $s (deref $.Site.Cname)}} class="active"{{end}} href="//{{$s}}{{$.Port}}">{{$s}}</a>
+									{{else}} <a{{if eq $s (deref $.Site.Cname)}} class="active"{{end}} href="//{{$s}}{{$.Port}}{{$.Base}}">{{$s}}</a>
 									{{end -}}
 								{{end}}
 							</span>
 						</div>
 					{{- end -}}
 				{{else if has_prefix .Path "/settings/sites/remove/"}}
-					<strong id="back"><a href="/settings/sites">←&#xfe0e; {{.T "top-nav/back|Back"}}</a></strong>
+					<strong id="back"><a href="{{.Base}}/settings/sites">←&#xfe0e; {{.T "top-nav/back|Back"}}</a></strong>
 				{{else if has_prefix .Path "/settings/purge/confirm"}}
-					<strong id="back"><a href="/settings/purge">←&#xfe0e; {{.T "top-nav/back|Back"}}</a></strong>
+					<strong id="back"><a href="{{.Base}}/settings/purge">←&#xfe0e; {{.T "top-nav/back|Back"}}</a></strong>
 				{{else if has_prefix .Path "/i18n/"}}
-					<strong id="back"><a href="/i18n">←&#xfe0e; {{.T "top-nav/back|Back"}}</a></strong>
+					<strong id="back"><a href="{{.Base}}/i18n">←&#xfe0e; {{.T "top-nav/back|Back"}}</a></strong>
 				{{else if has_prefix .Path "/bosmang/"}}
-					<strong id="back"><a href="/settings/server">←&#xfe0e; {{.T "top-nav/back|Back"}}</a></strong>
+					<strong id="back"><a href="{{.Base}}/settings/server">←&#xfe0e; {{.T "top-nav/back|Back"}}</a></strong>
 				{{else}}
-					<strong id="back"><a href="/">←&#xfe0e; {{.T "top-nav/dashboard|Dashboard"}}</a></strong>
+					<strong id="back"><a href="{{.Base}}/">←&#xfe0e; {{.T "top-nav/dashboard|Dashboard"}}</a></strong>
 				{{end}}
 			</div>
 			<div id="usermenu">
-				<a {{if eq .Path "/help"}}class="active" {{end}}href="/help">{{.T "top-nav/documentation|Help"}}</a> |
-				{{if .User.AccessSettings}}<a {{if has_prefix .Path "/settings"}}class="active" {{end}}href="/settings">{{.T "top-nav/settings|Settings"}}</a> |{{end}}
-				<a {{if has_prefix .Path "/user"}}class="active" {{end}}href="/user">{{.User.EmailShort}}</a> |
-				<form method="post" action="/user/logout">
+				<a {{if eq .Path "/help"}}class="active" {{end}}href="{{.Base}}/help">{{.T "top-nav/documentation|Help"}}</a> |
+				{{if .User.AccessSettings}}<a {{if has_prefix .Path "/settings"}}class="active" {{end}}href="{{.Base}}/settings">{{.T "top-nav/settings|Settings"}}</a> |{{end}}
+				<a {{if has_prefix .Path "/user"}}class="active" {{end}}href="{{.Base}}/user">{{.User.EmailShort}}</a> |
+				<form method="post" action="{{.Base}}/user/logout">
 					<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 					<button class="link">{{.T "top-nav/sign-out|Sign out"}}</button>
 				</form>
@@ -84,7 +101,7 @@
 					"timezone-offset" .User.Settings.Timezone.OffsetDisplay
 				)}}
 			</div>
-			<div id="signin"><a href="/user/new">{{.T "top-nav/sign-in|Sign in"}}</a></div>
+			<div id="signin"><a href="{{.Base}}/user/new">{{.T "top-nav/sign-in|Sign in"}}</a></div>
 		{{- end -}}
 	</nav>
 
@@ -94,7 +111,7 @@
 	{{if and .User.ID (before .Site.CreatedAt "2024-04-07")}}
 		<div class="flash flash-i onetime onetime-dark">
 			The default theme colours are now set from your system; you can change it back to the
-			previous by changing it in <a href="/user/pref#section-email-reports">your user settings</a>
+			previous by changing it in <a href="{{.Base}}/user/pref#section-email-reports">your user settings</a>
 			–
 			<a href="" class="close">don’t show again</a>
 		</div>
diff --git a/tpl/_bottom_links.gohtml b/tpl/_bottom_links.gohtml
index 9454921f..748a85f1 100644
--- a/tpl/_bottom_links.gohtml
+++ b/tpl/_bottom_links.gohtml
@@ -1,9 +1,9 @@
 <footer class="center cbox">
 	<div>
 		<a {{if .Site}}target="_blank" rel="noopener"{{end}} href="https://www.goatcounter.com">{{.T "nav-bot/home|Home"}}</a><span> |</span>
-		<a href="/contact"   >{{.T "nav-bot/contact|Contact"}}</a><span> |</span>
-		<a href="/help"      >{{.T "nav-bot/docs|Documentation"}}</a><span> |</span>
-		<a href="/contribute">{{.T "nav-bot/contribute|Contribute"}}</a>
+		<a href="{{.Base}}/contact"   >{{.T "nav-bot/contact|Contact"}}</a><span> |</span>
+		<a href="{{.Base}}/help"      >{{.T "nav-bot/docs|Documentation"}}</a><span> |</span>
+		<a href="{{.Base}}/contribute">{{.T "nav-bot/contribute|Contribute"}}</a>
 	</div>
 	<div>
 		<a href="https://github.com/arp242/goatcounter"                target="_blank" rel="noopener">{{.T "nav-bot/src|Source code"}}</a><span> |</span>
diff --git a/tpl/_contact.gohtml b/tpl/_contact.gohtml
index abfe9f5b..74646f5a 100644
--- a/tpl/_contact.gohtml
+++ b/tpl/_contact.gohtml
@@ -8,7 +8,7 @@
 		<a href="mailto:support@goatcounter.com">support@goatcounter.com</a>.</li>
 </ul>
 
-<form method="post" action="/contact" class="contact-form">
+<form method="post" action="{{.Base}}/contact" class="contact-form">
 	<input type="hidden" name="return" value="{{if .a}}{{.a.Return}}{{else}}{{.r}}{{end}}">
 
 	<strong>Send message</strong>
diff --git a/tpl/_dashboard_configure_widget.gohtml b/tpl/_dashboard_configure_widget.gohtml
index 297e22f9..c4ea048e 100644
--- a/tpl/_dashboard_configure_widget.gohtml
+++ b/tpl/_dashboard_configure_widget.gohtml
@@ -1,4 +1,4 @@
-<form class="widget-settings" method="post" action="/user/dashboard/{{.I}}">
+<form class="widget-settings" method="post" action="{{.Base}}/user/dashboard/{{.I}}">
 	{{template "_user_dashboard_widget.gohtml" .}}
 	<button>{{.T "button/save|Save"}}</button>
 </form>
diff --git a/tpl/_dashboard_hchart.gohtml b/tpl/_dashboard_hchart.gohtml
index 32508c6d..8767bee6 100644
--- a/tpl/_dashboard_hchart.gohtml
+++ b/tpl/_dashboard_hchart.gohtml
@@ -10,7 +10,7 @@
 				<a href="#" class="logged-in configure-widget" aria-label="{{t $.Context "button/cfg-dashboard|Configure"}}">⚙&#xfe0f;</a>
 			{{end}}
 		</div>
-		{{template "_dashboard_warn_collect.gohtml" (map "IsCollected" .IsCollected "Context" .Context)}}
+		{{template "_dashboard_warn_collect.gohtml" (map "IsCollected" .IsCollected "Context" .Context "Base" .Base)}}
 		{{if .Err}}
 			<em>{{t $.Context "p/error|Error: %(error-message)" .Err}}</em>
 		{{else}}
diff --git a/tpl/_dashboard_warn_collect.gohtml b/tpl/_dashboard_warn_collect.gohtml
index bdceedd0..42fda4f1 100644
--- a/tpl/_dashboard_warn_collect.gohtml
+++ b/tpl/_dashboard_warn_collect.gohtml
@@ -1,7 +1,7 @@
 {{if not .IsCollected}}
 	<div class="not-collected">
 		{{t .Context "p/collect-disabled|Collecting this information is currently %[disabled in settings]."
-			(tag "a" `href="/settings/main#section-collect"`)}}
+			(tag "a" (printf `href="%s/settings/main#section-collect"` .Base))}}
 	</div>
 {{end}}
 
diff --git a/tpl/_settings_nav.gohtml b/tpl/_settings_nav.gohtml
index e5efe92d..c40810d5 100644
--- a/tpl/_settings_nav.gohtml
+++ b/tpl/_settings_nav.gohtml
@@ -1,16 +1,16 @@
 <nav class="tab-nav">
-	<a class="{{if has_prefix .Path "/settings/main"}}active{{end}}"   href="/settings/main">{{.T "link/settings|Settings"}}</a>
-	<a class="{{if has_prefix .Path "/settings/purge"}}active{{end}}"  href="/settings/purge">{{.T "link/manage-pageviews|Manage pageviews"}}</a>
-	<a class="{{if has_prefix .Path "/settings/export"}}active{{end}}" href="/settings/export">{{.T "link/import|Import/Export"}}</a>
+	<a class="{{if has_prefix .Path "/settings/main"}}active{{end}}"   href="{{.Base}}/settings/main">{{.T "link/settings|Settings"}}</a>
+	<a class="{{if has_prefix .Path "/settings/purge"}}active{{end}}"  href="{{.Base}}/settings/purge">{{.T "link/manage-pageviews|Manage pageviews"}}</a>
+	<a class="{{if has_prefix .Path "/settings/export"}}active{{end}}" href="{{.Base}}/settings/export">{{.T "link/import|Import/Export"}}</a>
 
 	{{if .User.AccessAdmin}}
-	<a class="{{if has_prefix .Path "/settings/users"}}active{{end}}"  href="/settings/users">{{.T "link/users|Users"}}</a>
-	<a class="{{if has_prefix .Path "/settings/sites"}}active{{end}}"  href="/settings/sites">{{.T "link/sites|Sites"}}</a>
+	<a class="{{if has_prefix .Path "/settings/users"}}active{{end}}"  href="{{.Base}}/settings/users">{{.T "link/users|Users"}}</a>
+	<a class="{{if has_prefix .Path "/settings/sites"}}active{{end}}"  href="{{.Base}}/settings/sites">{{.T "link/sites|Sites"}}</a>
 		{{if .GoatcounterCom}}
-		<a class="{{if has_prefix .Path "/settings/delete-account"}}active{{end}}" href="/settings/delete-account">{{.T "link/rm-account|Delete account"}}</a>
+		<a class="{{if has_prefix .Path "/settings/delete-account"}}active{{end}}" href="{{.Base}}/settings/delete-account">{{.T "link/rm-account|Delete account"}}</a>
 		{{end}}
 	{{end}}
 	{{if .User.AccessSuperuser}}
-		<a class="{{if has_prefix .Path "/settings/server"}}active{{end}}"  href="/settings/server">Server management</a>
+		<a class="{{if has_prefix .Path "/settings/server"}}active{{end}}"  href="{{.Base}}/settings/server">Server management</a>
 	{{end}}
 </nav>
diff --git a/tpl/_top.gohtml b/tpl/_top.gohtml
index c2bba81d..1fd2eb25 100644
--- a/tpl/_top.gohtml
+++ b/tpl/_top.gohtml
@@ -6,14 +6,31 @@
 	<meta name="description" content="{{.MetaDesc}}">
 	<title>GoatCounter – open source web analytics</title>
 	<link rel="stylesheet" href="{{.Static}}/vars.css?v={{.Version}}">
+	<style>
+		@font-face {
+			font-family: 'Lato'; font-style: normal; font-weight: 400; font-display: fallback;
+			src: local('Lato'), local('Lato Regular'),
+				url('{{.Static}}/fonts/latolatin.woff2') format('woff2');
+		}
+		@font-face {
+			font-family: 'Lato'; font-style: normal; font-weight: 700; font-display: fallback;
+			src: local('Lato Bold'), local('Lato Bold'),
+				url('{{.Static}}/fonts/latolatin-bold.woff2') format('woff2');
+		}
+		@font-face {
+			font-family: 'Lato'; font-style: italic; font-weight: 400; font-display: fallback;
+			src: local('Lato Italic'), local('Lato Italic'),
+				url('{{.Static}}/fonts/latolatin-italic.woff2') format('woff2');
+		}
+	</style>
 	<link rel="stylesheet" href="{{.Static}}/shared.css?v={{.Version}}">
 	<link rel="stylesheet" href="{{.Static}}/style.css?v={{.Version}}">
-	<link rel="canonical" href="https://{{.Domain}}{{if ne .Page "home"}}/{{.Page}}{{end}}">
+	<link rel="canonical" href="https://{{.Domain}}{{.Base}}/{{if ne .Page "home"}}{{.Page}}{{end}}">
 </head>
 
 <body>
 	{{if ne .Page "home"}}<nav class="center">
-		<strong id="back"><a href="/">←&#xfe0e; {{if .Site}}Dashboard{{else}}Home{{end}}</a></strong>
+		<strong id="back"><a href="{{.Base}}/">←&#xfe0e; {{if .Site}}Dashboard{{else}}Home{{end}}</a></strong>
 	</nav>{{end}}
 	<div class="page page-{{.Page}}">
 	{{- if .Flash}}<div class="flash flash-{{.Flash.Level}}">{{.Flash.Message}}</div>{{end -}}
diff --git a/tpl/_user_nav.gohtml b/tpl/_user_nav.gohtml
index 3f627149..e0029afd 100644
--- a/tpl/_user_nav.gohtml
+++ b/tpl/_user_nav.gohtml
@@ -1,9 +1,9 @@
 <nav class="tab-nav">
-	<a class="{{if has_prefix .Path "/user/pref"}}active{{end}}"      href="/user/pref">{{.T "link/preferences|Preferences"}}</a>
-	<a class="{{if has_prefix .Path "/user/dashboard"}}active{{end}}" href="/user/dashboard">{{.T "link/dashboard|Dashboard"}}</a>
-	<a class="{{if has_prefix .Path "/user/auth"}}active{{end}}"      href="/user/auth">{{.T "link/passwd-mfa|Password & MFA"}}</a>
+	<a class="{{if has_prefix .Path "/user/pref"}}active{{end}}"      href="{{.Base}}/user/pref">{{.T "link/preferences|Preferences"}}</a>
+	<a class="{{if has_prefix .Path "/user/dashboard"}}active{{end}}" href="{{.Base}}/user/dashboard">{{.T "link/dashboard|Dashboard"}}</a>
+	<a class="{{if has_prefix .Path "/user/auth"}}active{{end}}"      href="{{.Base}}/user/auth">{{.T "link/passwd-mfa|Password & MFA"}}</a>
 	{{if .User.AccessAdmin}}
-	<a class="{{if has_prefix .Path "/user/api"}}active{{end}}"       href="/user/api">{{.T "link/api|API"}}</a>
+	<a class="{{if has_prefix .Path "/user/api"}}active{{end}}"       href="{{.Base}}/user/api">{{.T "link/api|API"}}</a>
 	{{end}}
 </nav>
 <p>{{.T "p/settings-all-sites|These settings take effect for all the sites you have access to."}}</p>
diff --git a/tpl/bosmang_bgrun.gohtml b/tpl/bosmang_bgrun.gohtml
index fc43d36e..c39c05ae 100644
--- a/tpl/bosmang_bgrun.gohtml
+++ b/tpl/bosmang_bgrun.gohtml
@@ -16,7 +16,7 @@
 			<td>{{$t.Period}}</td>
 			<td>{{$t.ID}}</td>
 			<td>{{$t.Desc}}</td>
-			<td><form method="post" action="/bosmang/bgrun/{{$i}}">
+			<td><form method="post" action="{{$.Base}}/bosmang/bgrun/{{$i}}">
 				<input type="hidden" name="csrf" value="{{$.User.CSRFToken}}">
 				<button class="link" title="Run the task now; this won't reset the timer for the scheduled task">Run now</button>
 			</form></td>
diff --git a/tpl/contact.gohtml b/tpl/contact.gohtml
index 1a049a2b..fcc83332 100644
--- a/tpl/contact.gohtml
+++ b/tpl/contact.gohtml
@@ -2,6 +2,6 @@
 
 <h1>GoatCounter contact</h1>
 <p>There are a few ways to contact me:</p>
-{{template "_contact.gohtml" (map "v" .Validate "r" "/contact" "a" .Args)}}
+{{template "_contact.gohtml" (map "v" .Validate "r" "/contact" "a" .Args "Base" .Base)}}
 
 {{template "_bottom.gohtml" .}}
diff --git a/tpl/dashboard.gohtml b/tpl/dashboard.gohtml
index 752418ee..999b582c 100644
--- a/tpl/dashboard.gohtml
+++ b/tpl/dashboard.gohtml
@@ -12,9 +12,9 @@
 				"sup"   (tag "a" `class="sup" href="https://www.goatcounter.com/help/faq#verify-email" target="_blank"`)
 			)}}<br>
 
-			{{.T "p/change-email|Change the email address in the %[settings]." (tag "a" `href="/user"`)}}
+			{{.T "p/change-email|Change the email address in the %[settings]." (tag "a" (printf `href="%s/user"` .Base))}}
 
-			<form method="post" action="/user/resend-verify">
+			<form method="post" action="{{.Base}}/user/resend-verify">
 				<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 				<button class="link">{{.T "button/resend-email|Resend email"}}</button>.
 			</form>
@@ -36,7 +36,7 @@
 				"bold"      (tag "strong" "")
 				"pre"       (tag "pre" "")
 				"domain"    (.Site.Domain .Context)
-				"link_docs" (tag "a" `href="/help"`)
+				"link_docs" (tag "a" (printf `href="%s/help"` .Base))
 				"js_code"   (printf "<script data-goatcounter=\"%s/count\"\n        async src=\"//%s/count.js\"></script>" (.Site.URL .Context) .CountDomain)
 			)}}
 		</div>
@@ -68,7 +68,7 @@
 				{{/* TODO: it might be better to load the settings page "inline"
 				here, instead of a settings tab; would also declutter that a bit
 				since we can remove it there. */}}
-				<a href="/user/dashboard">{{.T "button/cfg-dashboard|Configure dashboard layout"}}</a><br>
+				<a href="{{.Base}}/user/dashboard">{{.T "button/cfg-dashboard|Configure dashboard layout"}}</a><br>
 				<small>{{.T "help/cfg-dashboard|Change what to display on the dashboard and in what order."}}</small>
 			</div>
 		</div>
diff --git a/tpl/error.gohtml b/tpl/error.gohtml
index f88ebe55..d73a526f 100644
--- a/tpl/error.gohtml
+++ b/tpl/error.gohtml
@@ -121,7 +121,7 @@ sub {
 </head>
 
 <body>
-	{{if ne .Path "/"}}<nav class="center"><strong><a href="/">← Home</a></strong></nav>{{end}}
+	{{if ne .Path (printf "%s/" .Base) }}<nav class="center"><strong><a href="{{.Base}}/">← Home</a></strong></nav>{{end}}
 	<div class="page">
 		{{if eq .Code 404}}
 			<h1>Not found</h1>
diff --git a/tpl/help.gohtml b/tpl/help.gohtml
index bc9c8c0e..edb61b98 100644
--- a/tpl/help.gohtml
+++ b/tpl/help.gohtml
@@ -9,6 +9,23 @@
 	{{if eq .User.Settings.Theme "dark"}}
 		<link rel="stylesheet" href="{{.Static}}/dark.css?v={{.Version}}">
 	{{end}}
+	<style>
+		@font-face {
+			font-family: 'Lato'; font-style: normal; font-weight: 400; font-display: fallback;
+			src: local('Lato'), local('Lato Regular'),
+				url('{{.Static}}/fonts/latolatin.woff2') format('woff2');
+		}
+		@font-face {
+			font-family: 'Lato'; font-style: normal; font-weight: 700; font-display: fallback;
+			src: local('Lato Bold'), local('Lato Bold'),
+				url('{{.Static}}/fonts/latolatin-bold.woff2') format('woff2');
+		}
+		@font-face {
+			font-family: 'Lato'; font-style: italic; font-weight: 400; font-display: fallback;
+			src: local('Lato Italic'), local('Lato Italic'),
+				url('{{.Static}}/fonts/latolatin-italic.woff2') format('woff2');
+		}
+	</style>
 	<link rel="stylesheet" href="{{.Static}}/shared.css?v={{.Version}}">
 	<link rel="stylesheet" href="{{.Static}}/style.css?v={{.Version}}">
 	<link rel="canonical" href="https://{{.Domain}}/{{.Page}}/{{.CodePage}}">
@@ -58,7 +75,7 @@ hr                  { margin: 0; }
 
 <body>
 	<nav class="center">
-		<strong id="back"><a href="/">←&#xfe0e; {{if .Site}}Dashboard{{else}}Home{{end}}</a></strong>
+		<strong id="back"><a href="{{.Base}}/">←&#xfe0e; {{if .Site}}Dashboard{{else}}Home{{end}}</a></strong>
 	</nav>
 
 	<div class="center code-wrap">
@@ -81,7 +98,7 @@ hr                  { margin: 0; }
 
 				<p>Ways to contact me: <a href="#" class="show-contact">show</a> </p>
 				<div style="display: none;" class="contact">
-					{{template "_contact.gohtml" (map "v" .Validate "r" (printf "/help/%s" .CodePage) "a" .Args)}}
+					{{template "_contact.gohtml" (map "v" .Validate "r" (printf "/help/%s" .CodePage) "a" .Args "Base" .Base)}}
 				</div>
 			</div>
 		</div>
diff --git a/tpl/help/api.md b/tpl/help/api.md
index ccd3bd49..739c1390 100644
--- a/tpl/help/api.md
+++ b/tpl/help/api.md
@@ -63,7 +63,7 @@ API reference
 -------------
 API reference docs are available at:
 
-- [/api.json](/api.json) – OpenAPI 2.0 JSON file.
+- [/api.json]({{.Base}}/api.json) – OpenAPI 2.0 JSON file.
 - Online viewer: [RapiDoc][1], [SwaggerHub][2] <!-- too broken for now  [simple HTML][3] -->
 
 [1]: /api2.html
diff --git a/tpl/help/backend.md b/tpl/help/backend.md
index 51c29db1..eaac3d45 100644
--- a/tpl/help/backend.md
+++ b/tpl/help/backend.md
@@ -11,4 +11,4 @@ A simple example from `curl`:
         -H "Authorization: Bearer $token" \
         --data '{"no_sessions": true, "hits": [{"path": "/one"}, {"path": "/two"}]}'
 
-The [API documentation](/api) contains detailed information and more examples.
+The [API documentation]({{.Base}}/api) contains detailed information and more examples.
diff --git a/tpl/help/csp.md b/tpl/help/csp.md
index b5e2c5b4..9ae2dbb1 100644
--- a/tpl/help/csp.md
+++ b/tpl/help/csp.md
@@ -11,4 +11,4 @@ The `script-src` is needed to load the `count.js` script, and the `connect-src`
 is needed to send pageviews to GoatCounter via `navigator.sendBeacon`.
 
 Alternatively you can host the `count.js` script anywhere you want, or include
-it directly in your page. See [count.js hosting](/code/countjs-host).
+it directly in your page. See [count.js hosting]({{.Base}}/code/countjs-host).
diff --git a/tpl/help/domains.md b/tpl/help/domains.md
index 630a862a..8bcac25c 100644
--- a/tpl/help/domains.md
+++ b/tpl/help/domains.md
@@ -24,4 +24,4 @@ This might be improved at some point in the future; the options right now are:
    identifying the source.
 
 
-Also see [setting the endpoint in JavaScript](/code/modify#setting-the-endpoint-in-javascript-4).
+Also see [setting the endpoint in JavaScript]({{.Base}}/code/modify#setting-the-endpoint-in-javascript-4).
diff --git a/tpl/help/faq.md b/tpl/help/faq.md
index f9bc7aaf..024b7efe 100644
--- a/tpl/help/faq.md
+++ b/tpl/help/faq.md
@@ -40,7 +40,7 @@ window.goatcounter = {
 </dd>
 
 <dt id="gdpr">What about GDPR consent notices? <a href="#gdpr">§</a></dt>
-<dd>You probably don’t need them. The <a href="/gdpr">the GDPR page</a> goes in to some detail about this.</dd>
+<dd>You probably don’t need them. The <a href="{{.Base}}/gdpr">the GDPR page</a> goes in to some detail about this.</dd>
 
 <dt id="custom-domain">How do I set up a custom domain? <a href="#custom-domain">§</a></dt>
 <dd>
@@ -72,7 +72,7 @@ That said, there are some options:
 goatcounter.com or associated domains, and adblockers will not block it.</li>
 <li>Import pageviews from logfiles; GoatCounter can import pageviews
 from web server logfiles; you can send this data to
-goatcounter.com. See <a href="/help/logfile">the documentation for details</a>.</li>
+goatcounter.com. See <a href="{{.Base}}/help/logfile">the documentation for details</a>.</li>
 </ol>
 </dd>
 
@@ -86,7 +86,7 @@ title you can filter by it. Also see
 <dt id="track-email">Can I use GoatCounter to track if someone opened an email? <a href="#track-email">§</a></dt>
 <dd>
 Kind of but not really. You can include the tracking pixel in the email as an
-image <a href="/help/pixel">as described here</a>.
+image <a href="{{.Base}}/help/pixel">as described here</a>.
 
 But this doesn't really work because almost all email clients block external
 images by default exactly to prevent this sort of thing from working. All email
diff --git a/tpl/help/js.md b/tpl/help/js.md
index 1202c68e..ab806e15 100644
--- a/tpl/help/js.md
+++ b/tpl/help/js.md
@@ -3,8 +3,9 @@ is by far the easiest way to integrate GoatCounter, but other options are
 available too.
 
 The script is located at http://gc.zgo.at/count.js; although you can [host it
-somewhere else](/code/countjs-host) if you want, and there are a [stable
-versions](/code/countjs-versions) that can use subresource integrity.
+somewhere else]({{.Base}}/code/countjs-host) if you want, and there are a
+[stable versions]({{.Base}}/code/countjs-versions) that can use subresource
+integrity.
 
 This script is served unminified by design so it can be easily examined. It's
 not very large (~3.2K), and minifying would reduce it by just ~1K so you're not
@@ -83,7 +84,7 @@ as the path:
     {{template "code" .}}
 
 A few more advanced examples are listed in [Change data before it's sent to
-GoatCounter](/code/modify).
+GoatCounter]({{.Base}}/code/modify).
 
 Methods
 -------
@@ -133,7 +134,7 @@ Bind a click event to every element with `data-goatcounter-click`. Called on
 page load unless `no_onload` or `no_events` is set. You may need to call this
 manually if you insert elements after the page loads.
 
-See [Events](/code/events) for more details about events.
+See [Events]({{.Base}}/code/events) for more details about events.
 
 ### `get_query(name)`
 Get a single query parameter from the current page’s URL; returns `undefined` if
diff --git a/tpl/help/modify.md b/tpl/help/modify.md
index 6349a1ac..2f51630d 100644
--- a/tpl/help/modify.md
+++ b/tpl/help/modify.md
@@ -1,6 +1,6 @@
 A few examples on how to modify various parameters in the [JavaScript
-API](/code/js). Also see [Control the path that's sent to
-GoatCounter](/code/path).
+API]({{.Base}}/code/js). Also see [Control the path that's sent to
+GoatCounter]({{.Base}}/code/path).
 
 Custom path and referrer
 ------------------------
diff --git a/tpl/help/path.md b/tpl/help/path.md
index fede21d0..f135b66b 100644
--- a/tpl/help/path.md
+++ b/tpl/help/path.md
@@ -63,4 +63,4 @@ individual query parameters with `goatcounter.get_query()`:
 Note this example uses a callback, since `goatcounter.get_query()` won't be
 defined yet if we just used an object.
 
-See the [JavaScript API](/code/js) page for more details JS API.
+See the [JavaScript API]({{.Base}}/code/js) page for more details JS API.
diff --git a/tpl/help/pixel.md b/tpl/help/pixel.md
index 00f044a5..63617f15 100644
--- a/tpl/help/pixel.md
+++ b/tpl/help/pixel.md
@@ -12,8 +12,8 @@ Or with CSS:
     </style>
 
 Or you can build your own JavaScript integration if you want. Use the
-[API](/code/backend) if you want to send data from the backend; `/count` is only
-intended to be loaded by the visitor's browser.
+[API]({{.Base}}/code/backend) if you want to send data from the backend;
+`/count` is only intended to be loaded by the visitor's browser.
 
 The tracking pixel won’t allow recording the referrer or screen size, and may
 also increase the number of bot requests (it's harder to filter them out with
diff --git a/tpl/help/start.md b/tpl/help/start.md
index e4a4e63c..93a4331b 100644
--- a/tpl/help/start.md
+++ b/tpl/help/start.md
@@ -54,8 +54,8 @@ After setup
 
 Here are some things you may want to look at after setting up the above:
 
-- Make sure GoatCounter is allowed in the [Content-Security-Policy](/code/csp)
-  if you're using it.
+- Make sure GoatCounter is allowed in the
+  [Content-Security-Policy]({{.Base}}/code/csp) if you're using it.
 
 - If you're not seeing any pageviews then chances are your browser's adblocker
   is blocking it. Disable it and check again. It can take about 10 seconds for
@@ -65,7 +65,8 @@ Here are some things you may want to look at after setting up the above:
 
         <link rel="canonical" href="https://example.com/path.html">
 
-    See [Control the path that's sent to GoatCounter](/code/path) for more details.
+    See [Control the path that's sent to GoatCounter]({{.Base}}/code/path) for
+    more details.
 
-- [Prevent tracking my own pageviews?](/code/skip-dev) documents some ways you
-  can ignore your own pageviews from showing up in the dashboard.
+- [Prevent tracking my own pageviews?]({{.Base}}/code/skip-dev) documents some
+  ways you can ignore your own pageviews from showing up in the dashboard.
diff --git a/tpl/help/visitor-counter.md b/tpl/help/visitor-counter.md
index 43e257a8..899a3249 100644
--- a/tpl/help/visitor-counter.md
+++ b/tpl/help/visitor-counter.md
@@ -6,7 +6,7 @@ image.
 in your site settings; this defaults to *off* to prevent unintentional leaking of data.
 {{else}}
 **Note**: you will need to enable “Allow adding visitor counts on your website”
-in your <a href="/settings/main#section-site">site settings</a>; this defaults to
+in your <a href="{{.Base}}/settings/main#section-site">site settings</a>; this defaults to
 *off* to prevent unintentional leaking of data.
 {{end}}
 
diff --git a/tpl/home.gohtml b/tpl/home.gohtml
index 2ec7400e..0f36dfb3 100644
--- a/tpl/home.gohtml
+++ b/tpl/home.gohtml
@@ -11,12 +11,12 @@
 			service or <em>self-hosted</em> app. It aims to offer easy to use
 			and meaningful privacy-friendly web analytics as an alternative to
 			Google Analytics or Matomo.<br>
-			<a href="/why">Why I made GoatCounter</a>
+			<a href="{{.Base}}/why">Why I made GoatCounter</a>
 		</p>
 	</div>
 
 	<div id="home-login">
-		<a class="hlink cbox" href="/signup"><img src="{{.Static}}/index.svg" alt=""> Sign up</a>
+		<a class="hlink cbox" href="{{.Base}}/signup"><img src="{{.Static}}/index.svg" alt=""> Sign up</a>
 		<p>{{if .LoggedIn}}{{.LoggedIn}}{{else}}Already have an account? Sign in at <em>yourcode</em>.goatcounter.com.
 		<a href="//{{.Domain}}/user/forgot">Forgot?</a>{{end}}</p>
 	</div>
@@ -43,8 +43,8 @@
 	<div>
 		<p><strong>Privacy-aware</strong>; doesn’t track users with unique
 		identifiers and doesn't need a GDPR notice. Fine-grained <strong>control over
-			which data is collected</strong>. Also see the <a href="/privacy">privacy
-			policy</a> and <a href="/gdpr">GDPR consent notices</a>.</p>
+			which data is collected</strong>. Also see the <a href="{{.Base}}/privacy">privacy
+			policy</a> and <a href="{{.Base}}/gdpr">GDPR consent notices</a>.</p>
 
 		<p><strong>Lightweight</strong> and <strong>fast</strong>; adds just
 			~3.5KB of extra data to your site. Also has JavaScript-free
@@ -56,7 +56,7 @@
 	<div>
 		<p>Identify <strong>unique visits</strong> without cookies or
 			persistently storing any personal data
-			(<a href="/help/sessions.md">details</a>).</p>
+			(<a href="{{.Base}}/help/sessions.md">details</a>).</p>
 
 		<p>Keeps useful statistics such as <strong>browser</strong> information,
 			<strong>location</strong>, and <strong>screen size</strong>. Keep
@@ -96,10 +96,10 @@
 
 <h2 id="docs">Documents</h2>
 <div class="page" id="docs-list">
-	<p>Some documents about GoatCounter that don’t fit the <a href="/help">documentation page</a>:</p>
+	<p>Some documents about GoatCounter that don’t fit the <a href="{{.Base}}/help">documentation page</a>:</p>
 	<ul>
-		<li><a href="/why">Why I made GoatCounter</a></li>
-		<li><a href="/design">Notes about GoatCounter's design</a></li>
+		<li><a href="{{.Base}}/why">Why I made GoatCounter</a></li>
+		<li><a href="{{.Base}}/design">Notes about GoatCounter's design</a></li>
 
 		<li><a target="_blank" rel="noopener" href="https://www.arp242.net/personal-analytics.html">Analytics on personal websites</a></li>
 		<li><a target="_blank" rel="noopener" href="https://www.arp242.net/dnt.html">Why GoatCounter ignores Do Not Track</a></li>
diff --git a/tpl/i18n_list.gohtml b/tpl/i18n_list.gohtml
index 9e0bffc3..5fc76d83 100644
--- a/tpl/i18n_list.gohtml
+++ b/tpl/i18n_list.gohtml
@@ -22,8 +22,8 @@
 <h2>Edit translations</h2>
 <ul>
 	{{range $f := .Files}}
-		<li><a style="display: inline-block; width: 10em;" href="/i18n/{{index $f 0}}">{{index $f 1}}</a> –
-			<form method="post" action="/i18n/set/{{index $f 0}}">
+		<li><a style="display: inline-block; width: 10em;" href="{{$.Base}}/i18n/{{index $f 0}}">{{index $f 1}}</a> –
+			<form method="post" action="{{$.Base}}/i18n/set/{{index $f 0}}">
 				<input type="hidden" name="csrf" value="{{$.User.CSRFToken}}">
 				<input type="hidden" name="language" value="{{index $f 0}}">
 				<button class="link">set as active</button>
@@ -33,7 +33,7 @@
 </ul>
 
 <h2>Create new</h2>
-<form method="post" action="/i18n" class="vertical">
+<form method="post" action="{{.Base}}/i18n" class="vertical">
 	<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 
 	<label for="language">Language</label>
diff --git a/tpl/i18n_show.gohtml b/tpl/i18n_show.gohtml
index 6bbc7093..8c566b87 100644
--- a/tpl/i18n_show.gohtml
+++ b/tpl/i18n_show.gohtml
@@ -55,7 +55,7 @@
 		- Merge from template
 		- Delete
 		*/}}
-		<form method="POST" action="/i18n/submit/{{.TOMLFile}}">
+		<form method="POST" action="{{.Base}}/i18n/submit/{{.TOMLFile}}">
 			<input type="hidden" name="csrf" value="{{$.User.CSRFToken}}">
 			<button>Send changes<br><small>Changes are saved automatically; use this when you're finished</small></button>
 		</form>
@@ -63,7 +63,7 @@
 </div>
 
 {{range $e := .File.Strings}}
-	{{$o := index $.Base.Strings $e.ID}}
+	{{$o := index $.BaseFile.Strings $e.ID}}
 	{{$status := ""}}
 	{{if not $e.Default}}              {{$status = "untrans"}}
 	{{else if eq $e.Updated "unused"}} {{$status = "unused"}}
diff --git a/tpl/serve_newsite.gohtml b/tpl/serve_newsite.gohtml
index a51cc3fa..eba39efd 100644
--- a/tpl/serve_newsite.gohtml
+++ b/tpl/serve_newsite.gohtml
@@ -118,7 +118,7 @@
 
 {{if or .Error .Validate.HasErrors}}<div class="flash flash-e">{{.Validate.HTML}}{{.Error}}</div>{{end}}
 
-<form method="POST" action="/">
+<form method="POST" action="{{.Base}}/">
 	<fieldset>
 	<label for="email">Email</label>
 	<input type="email" name="email" id="email" value="{{.Email}}">
diff --git a/tpl/settings_delete.gohtml b/tpl/settings_delete.gohtml
index 3c17e461..7edced43 100644
--- a/tpl/settings_delete.gohtml
+++ b/tpl/settings_delete.gohtml
@@ -18,7 +18,7 @@
 </div>
 {{end}}
 
-<form method="post" action="/settings/delete-account" class="form-max-width"
+<form method="post" action="{{.Base}}/settings/delete-account" class="form-max-width"
 	data-confirm={{.T "label/delete-account-confirmation|Are you sure you want to delete your entire account?"}}>
 	<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 
diff --git a/tpl/settings_export.gohtml b/tpl/settings_export.gohtml
index 3d743e9a..df48a5b7 100644
--- a/tpl/settings_export.gohtml
+++ b/tpl/settings_export.gohtml
@@ -4,10 +4,10 @@
 <h2 id="export">{{.T "header/export-or-import|Export/Import"}}</h2>
 
 <p>{{.T "p/csv-file-format|The format of the CSV file is %[documented over here]."
-	(tag "a" `href="/help/export"`)}}</p>
+	(tag "a" (printf `href="%s/help/export"` .Base))}}</p>
 
 <div class="flex-form">
-	<form method="post" action="/settings/export" class="vertical">
+	<form method="post" action="{{.Base}}/settings/export" class="vertical">
 		<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 
 		<fieldset>
@@ -33,7 +33,7 @@
 		</fieldset>
 	</form>
 
-	<form method="post" action="/settings/export/import" enctype="multipart/form-data" class="vertical">
+	<form method="post" action="{{.Base}}/settings/export/import" enctype="multipart/form-data" class="vertical">
 		<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 
 		<fieldset>
@@ -75,7 +75,7 @@
 			<td class="hash"><input style="width: 8em" value="{{$e.Hash}}"></td>
 			<td>
 				{{if and $e.Exists $e.FinishedAt}}
-					<a href="/settings/export/{{$e.ID}}">download</a>
+					<a href="{{$.Base}}/settings/export/{{$e.ID}}">download</a>
 				{{else}}
 					<em>{{if $e.FinishedAt}}expired{{else}}not yet ready{{end}}</em>
 				{{end}}
diff --git a/tpl/settings_main.gohtml b/tpl/settings_main.gohtml
index ef42fdf4..9d36cb11 100644
--- a/tpl/settings_main.gohtml
+++ b/tpl/settings_main.gohtml
@@ -4,7 +4,7 @@
 <h2 id="setting">{{.T "header/settings|Settings"}}</h2>
 
 <div class="form-wrap">
-	<form method="post" action="/settings/main" class="vertical">
+	<form method="post" action="{{.Base}}/settings/main" class="vertical">
 		<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 
 		<fieldset id="section-site">
@@ -18,7 +18,7 @@
 			<label>{{checkbox .Site.Settings.AllowCounter "settings.allow_counter"}}
 				{{.T "label/allow-visitor-counts|Allow adding visitor counts on your website"}}</label>
 			<span>{{.T "help/allow-visitor-counts|See %[the documentation] for details on how to use."
-				(tag "a" `href="/help/visitor-counter"`)}}</span>
+				(tag "a" (printf `href="%s/help/visitor-counter"` .Base))}}</span>
 
 			<label for="settings-allow-embed">{{.T "label/dashboard-allow-embed|Sites that can embed GoatCounter"}}</label>
 			<input type="text" name="settings.allow_embed" id="settings-allow-embed" value="{{.Site.Settings.AllowEmbed}}"></input>
@@ -56,7 +56,7 @@
 				{{.T `label/change-code|You will access your account at https://<em>[my-code]</em>.%(domain) – %[%link change].`
 					(map
 						"domain" .Domain
-						"link"   (tag "a" `href="/settings/change-code"`)
+						"link"   (tag "a" (printf `href="%s/settings/change-code"` .Base))
 					)}}
 				</span>
 			{{end}}
diff --git a/tpl/settings_purge.gohtml b/tpl/settings_purge.gohtml
index d83e5de0..d549053a 100644
--- a/tpl/settings_purge.gohtml
+++ b/tpl/settings_purge.gohtml
@@ -14,7 +14,7 @@
 	meaning.
 `}}</p>
 
-<form method="get" action="/settings/purge">
+<form method="get" action="{{.Base}}/settings/purge">
 	<input type="text" name="path" placeholder="Path" value="{{.PurgePath}}" required autocomplete="off">
 	<button type="submit">{{.T "button/search|Search"}}</button><br>
 	<label>{{checkbox .MatchTitle "match-title"}} {{.T "label/match-title|Match title as well"}}</label>
@@ -46,7 +46,7 @@
 			align-items: end;
 			margin-top: 2em;
 		">
-			<form method="post" action="/settings/merge"
+			<form method="post" action="{{.Base}}/settings/merge"
 				data-confirm="{{.T "help/no-undo|This cannot be undone!"}}"
 			>
 				<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
@@ -62,7 +62,7 @@
 				<br>
 				<strong>{{.T "help/no-undo|This cannot be undone!"}}</strong><br>
 			</form>
-			<form method="post" action="/settings/purge"
+			<form method="post" action="{{.Base}}/settings/purge"
 				data-confirm="{{.T "help/no-undo|This cannot be undone!"}}"
 				style="text-align: right;"
 			>
diff --git a/tpl/settings_server.gohtml b/tpl/settings_server.gohtml
index f841e888..dab6564a 100644
--- a/tpl/settings_server.gohtml
+++ b/tpl/settings_server.gohtml
@@ -14,12 +14,12 @@ Uptime:    {{.Uptime}}
 <p>Various special pages for server management; these pages are available only
 to users with “server mangagement” access set.</p>
 <ul>
-	<li><a href="/bosmang/cache"   >Cache</a>            – View contents of caches.</li>
-	<li><a href="/bosmang/bgrun"   >Background tasks</a> – View and manage background tasks.</li>
-	<li><a href="/bosmang/metrics" >Metrics</a>          – Some performance metrics.</li>
-	<li><a href="/bosmang/profile" >Profile</a>          – Go internal performance metrics (pprof).</li>
-	<li><a href="/bosmang/sites"   >Sites</a>            – Overview of all sites and usage (PostgreSQL only).</li>
-	<li><a href="/bosmang/error"   >Error</a>            – Generate an error; for testing logs and -errors flag.</li>
+	<li><a href="{{.Base}}/bosmang/cache"   >Cache</a>            – View contents of caches.</li>
+	<li><a href="{{.Base}}/bosmang/bgrun"   >Background tasks</a> – View and manage background tasks.</li>
+	<li><a href="{{.Base}}/bosmang/metrics" >Metrics</a>          – Some performance metrics.</li>
+	<li><a href="{{.Base}}/bosmang/profile" >Profile</a>          – Go internal performance metrics (pprof).</li>
+	<li><a href="{{.Base}}/bosmang/sites"   >Sites</a>            – Overview of all sites and usage (PostgreSQL only).</li>
+	<li><a href="{{.Base}}/bosmang/error"   >Error</a>            – Generate an error; for testing logs and -errors flag.</li>
 </ul>
 
 {{template "_backend_bottom.gohtml" .}}
diff --git a/tpl/settings_sites.gohtml b/tpl/settings_sites.gohtml
index abb77d83..654ad5c8 100644
--- a/tpl/settings_sites.gohtml
+++ b/tpl/settings_sites.gohtml
@@ -12,7 +12,7 @@
 	<p>You can add as many as you want.</p>
 `}}
 
-<form method="post" action="/settings/sites/add">
+<form method="post" action="{{.Base}}/settings/sites/add">
 	<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 	<table class="auto">
 		<thead><tr><th>{{if .GoatcounterCom}}{{.T "header/code|Code"}}{{else}}{{.T "header/domain|Domain"}}{{end}}</th><th></th></tr></thead>
@@ -27,7 +27,7 @@
 					{{if and $.GoatcounterCom (not $s.Parent)}}
 						{{$.T "error/delete-main-site|Can’t delete main site"}}
 					{{else}}
-						<a href="/settings/sites/remove/{{$s.ID}}">{{$.T "button/delete|delete"}}</a>
+						<a href="{{$.Base}}/settings/sites/remove/{{$s.ID}}">{{$.T "button/delete|delete"}}</a>
 					{{end}}
 					{{if eq $s.ID $.Site.ID}}&nbsp;&nbsp;&nbsp;{{$.T "label/mark-current|(current)"}}{{end}}
 				</td>
@@ -54,7 +54,7 @@
 
 <p><strong>{{.T "p/text-data-retention|This includes the data retention and collection settings!"}}</strong></p>
 
-<form method="post" action="/settings/sites/copy-settings">
+<form method="post" action="{{.Base}}/settings/sites/copy-settings">
 	<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 	{{range $s := .SubSites}}<tr>
 		{{if ne $s.ID $.Site.ID}}
diff --git a/tpl/settings_users.gohtml b/tpl/settings_users.gohtml
index b1b4553a..dc7fc120 100644
--- a/tpl/settings_users.gohtml
+++ b/tpl/settings_users.gohtml
@@ -12,8 +12,8 @@
 				{{if and $.GoatcounterCom (eq (len $.Users.Admins) 1) $u.AccessAdmin}}
 					{{$.T "p/last-user|Can’t delete or edit last admin user"}}
 				{{else}}
-					<a href="/settings/users/{{$u.ID}}">{{$.T "button/edit|edit"}}</a> |
-					<form method="post" action="/settings/users/remove/{{$u.ID}}"
+					<a href="{{$.Base}}/settings/users/{{$u.ID}}">{{$.T "button/edit|edit"}}</a> |
+					<form method="post" action="{{$.Base}}/settings/users/remove/{{$u.ID}}"
 						data-confirm="{{$.T "confirm/delete-user|Delete %(email)?" $u.Email}}"
 					>
 						<input type="hidden" name="csrf" value="{{$.User.CSRFToken}}">
@@ -26,6 +26,6 @@
 </tbody></table>
 <br>
 
-<a href="/settings/users/add">{{.T "button/add-user|Add new user"}}</a>
+<a href="{{.Base}}/settings/users/add">{{.T "button/add-user|Add new user"}}</a>
 
 {{template "_backend_bottom.gohtml" .}}
diff --git a/tpl/settings_users_form.gohtml b/tpl/settings_users_form.gohtml
index 7081b695..b7f8baff 100644
--- a/tpl/settings_users_form.gohtml
+++ b/tpl/settings_users_form.gohtml
@@ -20,7 +20,7 @@
 <h2>{{if .Edit}}{{.T "header/edit-user|Edit user %(email)" .NewUser.Email}}{{else}}{{.T "header/add-new-user|Add a new user"}}{{end}}</h2>
 {{if .Error}}<div class="flash flash-e">{{.Error}}</div>{{end}}
 
-<form method="post" action="{{if .Edit}}/settings/users/{{.NewUser.ID}}{{else}}/settings/users/add{{end}}" id="users-form" class="vertical">
+<form method="post" action="{{.Base}}{{if .Edit}}/settings/users/{{.NewUser.ID}}{{else}}/settings/users/add{{end}}" id="users-form" class="vertical">
 	<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 	<fieldset>
 		<legend>{{.T "header/user-information|User information"}}</legend>
diff --git a/tpl/signup.gohtml b/tpl/signup.gohtml
index 1d5b96af..3a1dcc77 100644
--- a/tpl/signup.gohtml
+++ b/tpl/signup.gohtml
@@ -6,7 +6,7 @@
 → <em>sites</em> for separating them out.</p>
 
 <div id="signup-form">
-	<form class="vertical" method="post" action="/signup">
+	<form class="vertical" method="post" action="{{.Base}}/signup">
 		<fieldset class="two">
 			<div>
 				<div>
diff --git a/tpl/totp.gohtml b/tpl/totp.gohtml
index fd160d00..99370d34 100644
--- a/tpl/totp.gohtml
+++ b/tpl/totp.gohtml
@@ -3,7 +3,7 @@
 <h1>Multi-factor auth</h1>
 <p>{{.T "p/have-mfa|This account is protected with multi-factor auth; please enter the code from your authenticator app."}}</p>
 
-<form method="post" action="/user/totplogin" class="vertical">
+<form method="post" action="{{.Base}}/user/totplogin" class="vertical">
 	<input type="hidden" name="loginmac" value="{{.LoginMAC}}">
 	<input type="hidden" name="user_logintoken" value="{{.LoginToken}}">
 
diff --git a/tpl/user_api.gohtml b/tpl/user_api.gohtml
index 0d0fa55f..3f653365 100644
--- a/tpl/user_api.gohtml
+++ b/tpl/user_api.gohtml
@@ -5,15 +5,15 @@
 {{if not .User.EmailVerified}}
 	<p>You need to verify your email before you can use the API; a link was sent to {{.User.Email}}.</p>
 
-	Change the email address in the <a href="/user/pref">{{.T "link/settings|settings"}}</a> –
-	<form method="post" action="/user/resend-verify">
+	Change the email address in the <a href="{{.Base}}/user/pref">{{.T "link/settings|settings"}}</a> –
+	<form method="post" action="{{.Base}}/user/resend-verify">
 		<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 		<button class="link">{{.T "button/resend-email|Resend email"}}</button>.
 	</form>
 </div>
 {{else}}
 	<p>{{.T "p/api-intro|GoatCounter comes with an API to count pageviews, read statistics, create exports, and manage sites and users."}}</p>
-	<p><a href="/api">{{.T "link/api-docs|API documentation"}}</a></p>
+	<p><a href="{{.Base}}/api">{{.T "link/api-docs|API documentation"}}</a></p>
 
 	<fieldset>
 		<legend>{{.T "header/api-tokens|API tokens"}}</legend>
@@ -45,7 +45,7 @@
 					{{end}}</td>
 
 					<td>
-						<form method="post" action="/user/api-token/remove/{{$t.ID}}" data-confirm="Delete token {{$t.Name}}?">
+						<form method="post" action="{{$.Base}}/user/api-token/remove/{{$t.ID}}" data-confirm="Delete token {{$t.Name}}?">
 							<input type="hidden" name="csrf" value="{{$.User.CSRFToken}}">
 							<button class="link">{{$.T "button/delete|delete"}}</button>
 						</form>
@@ -53,7 +53,7 @@
 				</tr>{{end}}
 
 				<tr>
-					<form method="post" action="/user/api-token">
+					<form method="post" action="{{.Base}}/user/api-token">
 						<input type="hidden" name="csrf" value="{{$.User.CSRFToken}}">
 
 						<td>
diff --git a/tpl/user_auth.gohtml b/tpl/user_auth.gohtml
index d9e65a0a..e5e07d35 100644
--- a/tpl/user_auth.gohtml
+++ b/tpl/user_auth.gohtml
@@ -3,7 +3,7 @@
 
 <h2 id="auth">{{.T "header/passwd-mfa|Password & MFA"}}</h2>
 <div class="flex-form">
-	<form method="post" action="/user/change-password" class="vertical">
+	<form method="post" action="{{.Base}}/user/change-password" class="vertical">
 		<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 
 		<fieldset>
@@ -25,7 +25,7 @@
 	</form>
 
 	{{if .User.TOTPEnabled}}
-		<form method="post" action="/user/disable-totp" class="vertical">
+		<form method="post" action="{{.Base}}/user/disable-totp" class="vertical">
 			<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 
 			<fieldset>
@@ -36,7 +36,7 @@
 			</fieldset>
 		</form>
 	{{else}}
-		<form method="post" action="/user/enable-totp">
+		<form method="post" action="{{.Base}}/user/enable-totp">
 			<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 
 			<fieldset>
diff --git a/tpl/user_dashboard.gohtml b/tpl/user_dashboard.gohtml
index 0beb521a..4f6796a5 100644
--- a/tpl/user_dashboard.gohtml
+++ b/tpl/user_dashboard.gohtml
@@ -4,7 +4,7 @@
 <h2 id="dashboard">{{.T "header/dashboard|Dashboard"}}</h2>
 
 <script crossorigin="anonymous" src="{{.Static}}/dragula.js?v={{.Version}}"></script>
-<form method="post" action="/user/dashboard" id="widget-settings">
+<form method="post" action="{{.Base}}/user/dashboard" id="widget-settings">
 	<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 	<input type="hidden" name="reset" value="">
 
diff --git a/tpl/user_forgot_code.gohtml b/tpl/user_forgot_code.gohtml
index 23a4ab86..937c38f3 100644
--- a/tpl/user_forgot_code.gohtml
+++ b/tpl/user_forgot_code.gohtml
@@ -5,7 +5,7 @@
 
 <p>{{.T "forgot-domain-help|Email a list of all domains associated with an email address."}}</p>
 
-<form method="post" action="/user/forgot" class="vertical">
+<form method="post" action="{{.Base}}/user/forgot" class="vertical">
 	<label for="email">{{.T "label/email-address|Email address"}}</label>
 	<input type="email" name="email" id="email" value="{{.Email}}" required>
 	{{validate "email" .Validate}}
diff --git a/tpl/user_forgot_pw.gohtml b/tpl/user_forgot_pw.gohtml
index cf3a696a..9732b5a1 100644
--- a/tpl/user_forgot_pw.gohtml
+++ b/tpl/user_forgot_pw.gohtml
@@ -2,7 +2,7 @@
 
 <h1>{{.T "header/forgot-password|Forgot password"}}</h1>
 
-<form method="post" action="/user/request-reset" class="vertical">
+<form method="post" action="{{.Base}}/user/request-reset" class="vertical">
 	<label for="email">{{.T "label/email-address|Email address"}}</label>
 	<input type="email" name="email" id="email" value="{{.Email}}" required><br>
 
diff --git a/tpl/user_pref.gohtml b/tpl/user_pref.gohtml
index dd0a42dd..df905c56 100644
--- a/tpl/user_pref.gohtml
+++ b/tpl/user_pref.gohtml
@@ -3,7 +3,7 @@
 
 <h2 id="setting">{{.T "header/preferences|Preferences"}}</h2>
 <div class="form-wrap">
-	<form method="post" action="/user/pref" class="vertical">
+	<form method="post" action="{{.Base}}/user/pref" class="vertical">
 		<input type="hidden" name="csrf" value="{{.User.CSRFToken}}">
 
 		<fieldset>
@@ -39,7 +39,7 @@
 				<option {{option_value .User.Settings.Language "zh-TW"}}>中国</option>
 			</select>
 			{{validate "settings.language" .Validate}}
-			<span><a href="/i18n">{{.T "link/add-translation|Add or update translations"}}</a></span>
+			<span><a href="{{.Base}}/i18n">{{.T "link/add-translation|Add or update translations"}}</a></span>
 
 			<label for="date_format">{{.T "label/date-fmt|Date format"}}</label>
 			<select name="user.settings.date_format" id="date_format">
diff --git a/tpl/user_reset.gohtml b/tpl/user_reset.gohtml
index b59154f1..3b620086 100644
--- a/tpl/user_reset.gohtml
+++ b/tpl/user_reset.gohtml
@@ -4,7 +4,7 @@
 	"email"     .User.Email
 	"site-name" (.Site.Display .Context)
 )}}</h1>
-<form method="post" action="/user/reset/{{.Key}}" class="vertical">
+<form method="post" action="{{.Base}}/user/reset/{{.Key}}" class="vertical">
 	<label for="password">{{.T "label/new-password|New password"}}</label>
 	<input type="password" name="password" id="password" autocomplete="new-password" required><br>
 
diff --git a/widgets/browsers.go b/widgets/browsers.go
index a9ddab0c..76daea3b 100644
--- a/widgets/browsers.go
+++ b/widgets/browsers.go
@@ -59,6 +59,7 @@ func (w *Browsers) GetData(ctx context.Context, a Args) (more bool, err error) {
 func (w Browsers) RenderHTML(ctx context.Context, shared SharedData) (string, any) {
 	return "_dashboard_hchart.gohtml", struct {
 		Context      context.Context
+		Base         string
 		ID           int
 		CanConfigure bool
 		RowsOnly     bool
@@ -70,7 +71,7 @@ func (w Browsers) RenderHTML(ctx context.Context, shared SharedData) (string, an
 		TotalUTC     int
 		Stats        goatcounter.HitStats
 		Detail       string
-	}{ctx, w.id, true, shared.RowsOnly, w.Detail == "", w.loaded, w.err, isCol(ctx, goatcounter.CollectUserAgent),
+	}{ctx, goatcounter.Config(ctx).BasePath, w.id, true, shared.RowsOnly, w.Detail == "", w.loaded, w.err, isCol(ctx, goatcounter.CollectUserAgent),
 		z18n.T(ctx, "header/browsers|Browsers"),
 		shared.TotalUTC, w.Stats, w.Detail}
 }
diff --git a/widgets/campaigns.go b/widgets/campaigns.go
index ed224504..90f896cb 100644
--- a/widgets/campaigns.go
+++ b/widgets/campaigns.go
@@ -59,6 +59,7 @@ func (w Campaigns) RenderHTML(ctx context.Context, shared SharedData) (string, a
 	//return "_dashboard_campaigns.gohtml", struct {
 	return "_dashboard_hchart.gohtml", struct {
 		Context      context.Context
+		Base         string
 		ID           int
 		CanConfigure bool
 		RowsOnly     bool
@@ -70,6 +71,6 @@ func (w Campaigns) RenderHTML(ctx context.Context, shared SharedData) (string, a
 		TotalUTC     int
 		Stats        goatcounter.HitStats
 		Campaign     int64
-	}{ctx, w.id, true, shared.RowsOnly, w.Campaign == 0, w.loaded, w.err, isCol(ctx, goatcounter.CollectReferrer), w.Label(ctx),
+	}{ctx, goatcounter.Config(ctx).BasePath, w.id, true, shared.RowsOnly, w.Campaign == 0, w.loaded, w.err, isCol(ctx, goatcounter.CollectReferrer), w.Label(ctx),
 		shared.TotalUTC, w.Stats, w.Campaign}
 }
diff --git a/widgets/languages.go b/widgets/languages.go
index 27635a04..9428ba77 100644
--- a/widgets/languages.go
+++ b/widgets/languages.go
@@ -53,6 +53,7 @@ func (w Languages) RenderHTML(ctx context.Context, shared SharedData) (string, a
 
 	return "_dashboard_hchart.gohtml", struct {
 		Context      context.Context
+		Base         string
 		ID           int
 		CanConfigure bool
 		RowsOnly     bool
@@ -63,6 +64,6 @@ func (w Languages) RenderHTML(ctx context.Context, shared SharedData) (string, a
 		Header       string
 		TotalUTC     int
 		Stats        goatcounter.HitStats
-	}{ctx, w.id, true, shared.RowsOnly, false, w.loaded, w.err, isCol(ctx, goatcounter.CollectLanguage),
+	}{ctx, goatcounter.Config(ctx).BasePath, w.id, true, shared.RowsOnly, false, w.loaded, w.err, isCol(ctx, goatcounter.CollectLanguage),
 		header, shared.TotalUTC, w.Stats}
 }
diff --git a/widgets/locations.go b/widgets/locations.go
index c8e27842..72efb283 100644
--- a/widgets/locations.go
+++ b/widgets/locations.go
@@ -69,6 +69,7 @@ func (w Locations) RenderHTML(ctx context.Context, shared SharedData) (string, a
 
 	return "_dashboard_hchart.gohtml", struct {
 		Context      context.Context
+		Base         string
 		ID           int
 		CanConfigure bool
 		RowsOnly     bool
@@ -80,6 +81,6 @@ func (w Locations) RenderHTML(ctx context.Context, shared SharedData) (string, a
 		TotalUTC     int
 		Stats        goatcounter.HitStats
 		Detail       string
-	}{ctx, w.id, true, shared.RowsOnly, w.Detail == "", w.loaded, w.err, isCol(ctx, goatcounter.CollectLocation),
+	}{ctx, goatcounter.Config(ctx).BasePath, w.id, true, shared.RowsOnly, w.Detail == "", w.loaded, w.err, isCol(ctx, goatcounter.CollectLocation),
 		header, shared.TotalUTC, w.Stats, w.Detail}
 }
diff --git a/widgets/sizes.go b/widgets/sizes.go
index fed5376e..7a431ddf 100644
--- a/widgets/sizes.go
+++ b/widgets/sizes.go
@@ -54,6 +54,7 @@ func (w *Sizes) GetData(ctx context.Context, a Args) (more bool, err error) {
 func (w Sizes) RenderHTML(ctx context.Context, shared SharedData) (string, any) {
 	return "_dashboard_hchart.gohtml", struct {
 		Context      context.Context
+		Base         string
 		ID           int
 		CanConfigure bool
 		RowsOnly     bool
@@ -65,7 +66,7 @@ func (w Sizes) RenderHTML(ctx context.Context, shared SharedData) (string, any)
 		TotalUTC     int
 		Stats        goatcounter.HitStats
 		Detail       string
-	}{ctx, w.id, false, shared.RowsOnly, w.Detail == "", w.loaded, w.err, isCol(ctx, goatcounter.CollectScreenSize),
+	}{ctx, goatcounter.Config(ctx).BasePath, w.id, false, shared.RowsOnly, w.Detail == "", w.loaded, w.err, isCol(ctx, goatcounter.CollectScreenSize),
 		z18n.T(ctx, "header/sizes|Sizes"),
 		shared.TotalUTC, w.Stats, w.Detail}
 }
diff --git a/widgets/systems.go b/widgets/systems.go
index 657e118c..cd78a32d 100644
--- a/widgets/systems.go
+++ b/widgets/systems.go
@@ -59,6 +59,7 @@ func (w *Systems) GetData(ctx context.Context, a Args) (more bool, err error) {
 func (w Systems) RenderHTML(ctx context.Context, shared SharedData) (string, any) {
 	return "_dashboard_hchart.gohtml", struct {
 		Context      context.Context
+		Base         string
 		ID           int
 		CanConfigure bool
 		RowsOnly     bool
@@ -70,7 +71,7 @@ func (w Systems) RenderHTML(ctx context.Context, shared SharedData) (string, any
 		TotalUTC     int
 		Stats        goatcounter.HitStats
 		Detail       string
-	}{ctx, w.id, true, shared.RowsOnly, w.Detail == "", w.loaded, w.err, isCol(ctx, goatcounter.CollectUserAgent),
+	}{ctx, goatcounter.Config(ctx).BasePath, w.id, true, shared.RowsOnly, w.Detail == "", w.loaded, w.err, isCol(ctx, goatcounter.CollectUserAgent),
 		z18n.T(ctx, "header/systems|Systems"),
 		shared.TotalUTC, w.Stats, w.Detail}
 }