diff --git a/.github/workflows/WorkFlow.yaml b/.github/workflows/workflow.yaml
similarity index 82%
rename from .github/workflows/WorkFlow.yaml
rename to .github/workflows/workflow.yaml
index 8c7674d..d49bbbd 100644
--- a/.github/workflows/WorkFlow.yaml
+++ b/.github/workflows/workflow.yaml
@@ -14,6 +14,4 @@ jobs:
 run: |
 pip install -r requirements.txt
 python tests/test_config.py
- chmod +x BackEnd/runScript.sh
- ./BackEnd/runScript.sh
diff --git a/.gitignore b/.gitignore
index ecd5257..09444df 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
 __pycache__
-*/__pycache__
-venv
\ No newline at end of file
+venv
+.venv
\ No newline at end of file
diff --git a/BackEnd/disable_usbguard.tmp b/BackEnd/disable_usbguard.tmp
deleted file mode 100644
index 36a8f9d..0000000
--- a/BackEnd/disable_usbguard.tmp
+++ /dev/null
@@ -1 +0,0 @@
-disable
\ No newline at end of file
diff --git a/BackEnd/rules.conf b/BackEnd/rules.conf
deleted file mode 100644
index a7569ac..0000000
--- a/BackEnd/rules.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-allow 1a2c:4c5e name "USB Keyboard" via-port "1-2"
-allow 04f3:0c00 name "ELAN:ARM-M4"
-reject via-port 1-3
-
-
diff --git a/BackEnd/runScript.sh b/BackEnd/runScript.sh
deleted file mode 100755
index cb2d657..0000000
--- a/BackEnd/runScript.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/bash
-
-# Function to run commands and handle errors
-run_command() {
- "$@"
- if [ $? -ne 0 ]; then
- echo "Error: Command failed - $@"
- exit 1
- fi
-}
-
-# Set file paths
-SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
-RULES_CONF_PATH="$SCRIPT_DIR/../BackEnd/rules.conf"
-
-
-TEMP_DISABLE_FILE="$SCRIPT_DIR/disable_usbguard.tmp"
-# Check if rules.conf exists
-if [ ! -f "$RULES_CONF_PATH" ]; then
- echo "Error: rules.conf file not found."
- exit 1
-fi
-
-if [ -f "$TEMP_DISABLE_FILE" ]; then
- run_command sudo systemctl disable --now usbguard
- rm "$TEMP_DISABLE_FILE" # Clean up the temporary file
-else
- run_command sudo install -m 0600 -o root -g root "$RULES_CONF_PATH"
- # Restart and enable USBGuard
- run_command sudo systemctl daemon-reload
- run_command sudo systemctl restart usbguard
- run_command sudo systemctl enable usbguard
-fi
-
-echo "Script execution completed successfully."
diff --git a/README.md b/README.md
index 19358cd..5d2b002 100644
--- a/README.md
+++ b/README.md
@@ -2,98 +2,3 @@ Hardening for ubuntu Using UI: ![Alt text](static/image.png) Hardening Hub for Ubuntu. - -- [Hardware](#hardware) - - [Physical Ports](#physical-ports) - - [UI](#ui) - - [Config File](#config-file) - - [Backend](#backend) -- [Software](#software) - - [SSH](#ssh) - - [Config File](#config-file-1) - -## Hardware - -### Physical Ports - -USBGuard: https://usbguard.github.io/documentation/rule-language.html - -#### UI - -- checkbox: enable/disable usbguard service - - `systemctl status usbguard` - - grey out all other controls if disabled -- checkbox: allow all devices -- on load, refresh button: get devices from connected ports and current rules - - `usbguard generate-policy` + from config file - - `grep 'via-port'` - - get ids of each device - - `grep -oP ' id \K\S+'` - - get names of each device - - `grep -oP ' name "\K[^"]+'` - - get port ids of each device - - `grep -oP ' via-port "\K[^"]+'` - -- table(list): display the list of devices - - checkbox: allowed(true) or blocked(false) - - device id - - device name - - port id - - checkbox: port-specific rule(true) or global rule(false) - - delete button -- table(list): display the list of ports (? 
how to get all port ids) - - checkbox: allowed(true) or blocked(false) - - port id - -#### Config File - -```toml -[physical-ports] -enable = true -allow-all = false -rules = [ - {allow = true, id = "1a2c:4c5e", name = "USB Keyboard", port = "1-2"}, # allow only at that port - {allow = true, id = "04f3:0c00", name = "ELAN:ARM-M4"}, - {allow = false, port = "1-3"} # block all devices at that port -] -``` - -#### Backend - -- if not `enable`: - - `sudo systemctl disable --now usbguard` - - return -- generate `rules.conf`: - - if `allow-all`: - - `allow` - - else: - - for each rule: `allow $id name "$name" via-port "$port"` -- install rules: - - `sudo install -m 0600 -o root -g root rules.conf /etc/usbguard/rules.conf` - - `sudo systemctl restart usbguard` - - `sudo systemctl enable usbguard` - - -## Software - -### SSH - -sshd_config: https://v.gd/b3j7GR - -#### Config File - -```toml -[ssh] -enable = true -port = 22 -permit-empty-passwords = false -password-authentication = false -permit-root-login = false -client-alive-interval = 300 -client-alive-count-max = 2 -allow-users = ["user1", "user2"] -allow-groups = ["group1", "group2"] -x11-forwarding = false -``` \ No newline at end of file diff --git a/docs/firewall.md b/docs/firewall.md new file mode 100644 index 0000000..e69de29 diff --git a/docs/physical_ports.md b/docs/physical_ports.md new file mode 100644 index 0000000..1e2fab0 --- /dev/null +++ b/docs/physical_ports.md 
@@ -0,0 +1,63 @@ +# Physical Ports + +USBGuard: https://usbguard.github.io/documentation/rule-language.html + +## UI + +- checkbox: enable/disable usbguard service + - `systemctl status usbguard` + - grey out all other controls if disabled +- checkbox: allow all devices +- on load, refresh button: get devices from connected ports and current rules + - `usbguard generate-policy` + from config file + - `grep 'via-port'` + - get ids of each device + - `grep -oP ' id \K\S+'` + - get names of each device + - `grep -oP ' name "\K[^"]+'` + - get port ids of each device + - `grep -oP ' via-port "\K[^"]+'` + +- table(list): display the list of devices + - checkbox: allowed(true) or blocked(false) + - device id + - device name + - port id + - checkbox: port-specific rule(true) or global rule(false) + - delete button +- table(list): display the list of ports (? how to get all port ids) + - checkbox: allowed(true) or blocked(false) + - port id + +## Config File + +```toml +[physical-ports] +enable = true +allow-all = false +device-rules = [ + {allow = true, id = "1a2c:4c5e", name = "USB Keyboard", port = "1-2"}, # allow only at that port + {allow = true, id = "04f3:0c00", name = "ELAN:ARM-M4"} +] +port-rules = [ + {allow = false, port = "1-3"} # block all devices at that port +] +``` + +## Backend + +- if not `enable`: + - `sudo systemctl disable --now usbguard` + - return +- generate `rules.conf`: + - if `allow-all`: + - `allow` + - else: + - for each rule: `allow $id name "$name" via-port "$port"` +- install rules: + - `sudo install -m 0600 -o root -g root rules.conf /etc/usbguard/rules.conf` + - `sudo systemctl restart usbguard` + - `sudo systemctl enable usbguard` + diff --git a/docs/ssh.md b/docs/ssh.md new file mode 100644 index 0000000..168ab14 --- /dev/null +++ b/docs/ssh.md 
@@ -0,0 +1,19 @@
+# SSH
+
+sshd_config: https://v.gd/b3j7GR
+
+## Config File
+
+```toml
+[ssh]
+enable = true
+port = 22
+permit-empty-passwords = false
+password-authentication = false
+permit-root-login = false
+client-alive-interval = 300
+client-alive-count-max = 2
+allow-users = ["user1", "user2"]
+allow-groups = ["group1", "group2"]
+x11-forwarding = false
+```
\ No newline at end of file
diff --git a/BackEnd/readtoml.py b/harden/physical_ports.py
similarity index 69%
rename from BackEnd/readtoml.py
rename to harden/physical_ports.py
index 89b7d63..73f9c6e 100644
--- a/BackEnd/readtoml.py
+++ b/harden/physical_ports.py
@@ -44,24 +44,16 @@ def ConfUtile(parsed_data,test_directory):
 if key == 'allow':
 if rule[key]:
 rules_content += "allow "
- if 'id' in rule:
- rules_content += f"{rule['id']} "
- if 'name' in rule:
- rules_content += f"name \"{rule['name']}\" "
- if 'port' in rule:
- rules_content += f"via-port \"{rule['port']}\"\n"
- else:
- rules_content += "\n"
 else:
 rules_content += "reject "
- if 'id' in rule:
- rules_content += f"reject {rule['id']} "
- if 'name' in rule:
- rules_content += f"name \"{rule['name']}\" "
- if 'port' in rule:
- rules_content += f"via-port {rule['port']}\n"
- else:
- rules_content += "\n"
+ if 'id' in rule:
+ rules_content += f"{rule['id']} "
+ if 'name' in rule:
+ rules_content += f"name \"{rule['name']}\" "
+ if 'port' in rule:
+ rules_content += f"via-port \"{rule['port']}\"\n"
+ else:
+ rules_content += "\n"
 return rules_content
diff --git a/requirements.txt b/requirements.txt
index afd928e..b0c5bf7 100755
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,3 +1,2 @@
 pyQt6
-toml
 tomlkit
\ No newline at end of file
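Review bot: In the harden/physical_ports.py hunk, the `id`, `name` and `port` values are still written into the rule text verbatim (`f"name \"{rule['name']}\" "` and its two neighbours), so a value containing a double quote, a backslash or a line break changes how the rule parses, and a line break can begin a second rule line. docs/physical_ports.md on this page has the generated file installed to /etc/usbguard/rules.conf with sudo and has device names collected from `usbguard generate-policy`, so these strings may originate from a connected device rather than from the administrator; that provenance is inferred from the docs, not shown in the hunk. I would refuse such characters before the rule is assembled, as sketched below. ConfUtile starts and ends outside the hunk and the page has lost the indentation, so the placement inside the `key == 'allow'` branch is an assumption.

```python
if key == 'allow':
    # Refuse values that could close the quoted string or begin another rule line.
    for field in ('id', 'name', 'port'):
        value = str(rule.get(field, ''))
        if any(ch in '"\\' or not ch.isprintable() for ch in value):
            raise ValueError(f"unsafe character in rule field {field!r}")
    # … unchanged: allow / reject target, then id / name / via-port emission …
```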