diff --git a/apxtri/apxtri.js b/apxtri/apxtri.js
index c9cf4b5..6c09faa 100755
--- a/apxtri/apxtri.js
+++ b/apxtri/apxtri.js
@@ -1,3 +1,23 @@
+// CRITICAL FIX: Ensure Buffer is available globally before ANY modules load
+// This fixes the "Cannot read properties of undefined (reading 'prototype')" error
+if (typeof global !== 'undefined') {
+  // Force load buffer module and make it globally available
+  const buffer = require('buffer');
+  if (!global.Buffer) {
+    global.Buffer = buffer.Buffer;
+  }
+  // Also ensure it's available in this scope
+  if (typeof Buffer === 'undefined') {
+    global.Buffer = buffer.Buffer;
+  }
+}
+
+// Double-check Buffer is available
+if (typeof Buffer === 'undefined') {
+  console.error('ERROR: Buffer is still undefined!');
+  process.exit(1);
+}
+
 //const { argv } = require("process");
 const fs = require("fs-extra");
 const bodyParser = require("body-parser");
@@ -291,7 +311,30 @@ apxtri.runexpress = async (tribesdns, conf) => {
   regtxt += ")$";
   //  let cor = false;whatwg-url
   const regorigin = new RegExp(regtxt);
-  app.use((req, res, next) => {
+  app.use(cors({
+    origin: function (origin, callback) {
+      // Allow requests with no origin (like mobile apps, curl, etc.)
+      if (!origin) {
+        return callback(null, true);
+      }
+      
+      // Check if origin matches allowed domains pattern
+      if (regorigin.test(origin)) {
+        return callback(null, true);
+      } else {
+        console.log(
+          `CORS blocked: ${origin} does not match pattern ${regtxt}. Add it in itm/tribename.json in dns.`
+        );
+        return callback(new Error('Not allowed by CORS'));
+      }
+    },
+    allowedHeaders: conf.api.exposedHeaders,
+    exposedHeaders: conf.api.exposedHeaders,
+    credentials: true,
+    preflightContinue: false,
+    optionsSuccessStatus: 204,
+  }));
+  /*app.use((req, res, next) => {
     let cor = false;
     //console.log(req.headers)
     if (req.headers.origin == undefined) {
@@ -314,7 +357,7 @@ apxtri.runexpress = async (tribesdns, conf) => {
     });
     next();
   });
-
+  */
   // Routers add any routes from /routes and /plugins
   let logroute = "Routes available on this apxtri instance: \n";
   routes.forEach((r) => {
diff --git a/apxtri/models/Pagans.js b/apxtri/models/Pagans.js
index 526ec35..08be6de 100644
--- a/apxtri/models/Pagans.js
+++ b/apxtri/models/Pagans.js
@@ -143,12 +143,25 @@ Pagans.getalias = (alias) => {
       data: fs.readJSONSync(`../adminapi/objects/pagans/itm/${alias}.json`),
     };
   } else {
-    return {
-      status: 404,
-      ref: "Pagans",
-      msg: "aliasdoesnotexist",
-      data: { alias },
-    };
+    try{
+      const lst_alias=fs.readJSONSync(`../adminapi/objects/pagans/idx/lst_alias.json`)
+      let suggestedalias=[]
+      let counter = 1;
+      while (suggestedalias.length < 3){
+        const candidate = `${alias}${counter}`;
+        if (!lst_alias.includes(candidate)){
+          suggestedalias.push(candidate)
+        }
+        counter++;
+      }
+      return {
+        status: 404,
+        ref: "Pagans",
+        msg: "aliasdoesnotexist",
+        data: { alias, suggestedalias },
+      };
+    } catch(err){
+      return {status:500,msg:"lst_aliaserror",ref:"Pagans",data:{}}
   }
 };