diff --git a/conf.d/ferreirareal.com.br.conf b/conf.d/ferreirareal.com.br.conf
index af88694..40d491b 100644
--- a/conf.d/ferreirareal.com.br.conf
+++ b/conf.d/ferreirareal.com.br.conf
@@ -1,91 +1,64 @@ -# ============================================================================== -# PROXY PATHFINDER - HIGH END CONFIGURATION -# Site: ferreirareal.com.br -# ============================================================================== - upstream ferreirareal_backend { server 172.112.1.2:8081; } -# --- HTTP -> HTTPS Redirect --- server { listen 80; server_name ferreirareal.com.br www.ferreirareal.com.br; - include snippets/acme_challenge.conf; - location / { return 301 https://ferreirareal.com.br$request_uri; } } -# --- WWW -> Non-WWW Redirect (HTTPS) --- server { listen 443 quic; listen 443 ssl; server_name www.ferreirareal.com.br; - include snippets/ssl_params.conf; ssl_certificate /etc/letsencrypt/live/ferreirareal.com.br/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/ferreirareal.com.br/privkey.pem; - return 301 https://ferreirareal.com.br$request_uri; } -# --- MAIN SERVER --- server { - # HTTP/3 (QUIC) + HTTP/2 + SSL listen 443 quic reuseport; listen 443 ssl; server_name ferreirareal.com.br; - # --- logs --- access_log /var/log/nginx/ferreirareal.com.br.access.log detailed_proxy; error_log /var/log/nginx/ferreirareal.com.br.error.log warn; - # --- Snippets Globais de Performance e Segurança --- include snippets/ssl_params.conf; include snippets/proxy_params.conf; include snippets/modsecurity.conf; + # modsecurity_rules_file /etc/nginx/modsec/main.conf; include snippets/well_known.conf; include snippets/security_actions.conf; - # --- Certificados --- ssl_certificate /etc/letsencrypt/live/ferreirareal.com.br/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/ferreirareal.com.br/privkey.pem; - # --- Cache --- - proxy_cache dynamic_cache; # Usando a Zona Universal - - # --- Variáveis para Snippets de Identificação --- + proxy_cache dynamic_cache; set $upstream_proto http; set $upstream_app ferreirareal_backend; - # --- LOCATIONS --- - - # 1. 
Contatos (SEM CACHE) location = /Contatos.html { proxy_cache_bypass 1; proxy_no_cache 1; proxy_pass http://ferreirareal_backend; } - # 2. Assets Estáticos (CACHE AGRESSIVO & MODERN) location ~* \.(webp|avif|heic|apng|jpg|jpeg|gif|png|ico|svg|mjs|js|ts|wasm|json|woff2?|ttf|otf|eot|css|less|scss)$ { - # include snippets/cache_optimizer.conf; + include snippets/cache_optimizer.conf; add_header Cache-Control $cache_control_header; - proxy_cache_valid 200 1d; proxy_pass http://ferreirareal_backend; - - # Rate Limit Diferenciado limit_req zone=global_limit burst=50 nodelay; limit_req zone=punishment_limit burst=5 nodelay; - access_log off; } - # 3. Raiz (CACHE DINÂMICO) location / { expires 15m; proxy_cache_valid 200 15m; diff --git a/conf.d/test.local.conf b/conf.d/test.local.conf index 9482d10..a064afc 100644 --- a/conf.d/test.local.conf +++ b/conf.d/test.local.conf @@ -7,36 +7,23 @@ server { listen 80; server_name test.local; - # Logs JSON (Mandatório para monitoramento 2026) access_log /var/log/nginx/test.local.access.log detailed_proxy; error_log /var/log/nginx/test.local.error.log warn; - # 1. Segurança e Well-Known include snippets/well_known.conf; include snippets/security_actions.conf; - # 2. Performance e Cache - include snippets/cache_optimizer.conf; - location / { proxy_pass http://test_backend; include snippets/proxy_params.conf; - - # Rate Limit limit_req zone=global_limit burst=20 nodelay; limit_req zone=punishment_limit burst=5 nodelay; - - add_header X-Test-Tag "v1.0-Homologacao"; } - # Assets para teste de Pseudo-CDN e Cache location ~* \.(webp|avif|heic|apng|jpg|jpeg|gif|png|ico|svg|mjs|js|ts|wasm|json|woff2?|ttf|otf|eot|css|less|scss)$ { include snippets/cache_optimizer.conf; add_header Cache-Control $cache_control_header; - proxy_cache_valid 200 1d; proxy_pass http://test_backend; - - add_header X-Asset-Test "Injected"; } } diff --git a/nginx.conf b/nginx.conf index cd26c9e..fcf8fa1 100644 --- a/nginx.conf +++ b/nginx.conf 
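Review bot: The added `# modsecurity_rules_file /etc/nginx/modsec/main.conf;` in the main server block of ferreirareal.com.br.conf is commented out, and the same directive stays commented in the http block of nginx.conf. Whether any rule set is loaded for this vhost therefore depends entirely on `snippets/modsecurity.conf`, which this diff does not show. If that snippet only switches the engine on, the site would run with ModSecurity enabled but no rules, so it is worth confirming before merge. Either enable the directive in one place or drop the commented copies and leave a one-line comment saying where the rules come from, e.g. `# WAF rules are loaded by snippets/modsecurity.conf`. The server block continues past the end of this hunk.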
@@ -18,7 +18,7 @@ events { } http { - # modsecurity_rules_file /etc/nginx/modsec/empty.conf; + # modsecurity_rules_file /etc/nginx/modsec/main.conf; include /etc/nginx/mime.types; default_type application/octet-stream; @@ -43,6 +43,13 @@ http { ssl_session_timeout 1d; ssl_session_tickets off; + # Shared Cache Zone (Pseudo-CDN) + proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=dynamic_cache:50m max_size=10g inactive=60m use_temp_path=off; + + # DNS Resolver (SSL Stapling & Upstreams) + resolver 8.8.8.8 8.8.4.4 valid=300s; + resolver_timeout 5s; + # Security Snippets include /etc/nginx/snippets/security_maps.conf; include /etc/nginx/snippets/rate_limit.conf;
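Review bot: `resolver 8.8.8.8 8.8.4.4 valid=300s;` in the second nginx.conf hunk sends every lookup nginx performs as plain DNS to a public third-party resolver, and `valid=300s` keeps whatever answer comes back for five minutes regardless of its TTL. The nginx documentation recommends resolvers on a secured, trusted local network to prevent DNS spoofing. Point this at a caching resolver on the host or internal network instead, for example `resolver 127.0.0.1 valid=300s;` (the address is illustrative and assumes a local resolver is running). The vhost in this diff proxies to a fixed IP, so the exposure visible here is the stapling lookups, but any `proxy_pass` that uses a hostname in a variable would resolve through it as well. The http block continues outside the hunk.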