diff --git a/README.md b/README.md
index 9b3c4aa..501fee0 100644
--- a/README.md
+++ b/README.md
@@ -43,6 +43,7 @@ retribusi (frontend)/
 ## Konfigurasi
 
 File `public/dashboard/js/config.js` mengatur:
+
 - API Base URL (auto-detect local/production)
 - API Key untuk autentikasi
 
@@ -55,12 +56,14 @@ File `public/dashboard/js/config.js` mengatur:
 ## Production
 
 Deploy ke web server (Apache/Nginx) dengan konfigurasi:
+
 - Base URL: sesuai dengan domain production
 - API Base URL: otomatis terdeteksi dari hostname
 
 ### Update di Server Production
 
 **Cara 1: Menggunakan Script (Recommended)**
+
 ```bash
 # Linux/Unix
 cd /path/to/retribusi-frontend
@@ -72,17 +75,20 @@ pull.bat
 ```
 
 **Cara 2: Command Langsung (Sekali Jalan)**
+
 ```bash
 cd /path/to/retribusi-frontend && git stash && git pull origin main && git stash pop
 ```
 
 **Cara 3: Manual**
+
 ```bash
 cd /path/to/retribusi-frontend
 git pull origin main
 ```
 
 **Fix Dubious Ownership Error (jika muncul)**
+
 ```bash
 # Tambahkan directory ke safe.directory
 git config --global --add safe.directory /www/wwwroot/retribusi.btekno.cloud/retribusi
@@ -90,4 +96,3 @@ git config --global --add safe.directory /www/wwwroot/retribusi.btekno.cloud/ret
 # Atau gunakan script pull.sh yang sudah auto-fix
 bash pull.sh
 ```
-
diff --git a/index.php b/index.php
index c4d0aa5..6b1dd65 100644
--- a/index.php
+++ b/index.php
@@ -69,7 +69,9 @@
         window.Auth = Auth;
         
         // Jika sudah login, langsung arahkan ke dashboard utama (public/dashboard)
-        if (Auth.isAuthenticated()) {
+        // Cek dulu apakah kita sudah di dashboard untuk menghindari redirect loop
+        const currentPath = window.location.pathname;
+        if (Auth.isAuthenticated() && !currentPath.includes('dashboard.html')) {
             window.location.href = 'public/dashboard/dashboard.html';
         }
 
diff --git a/public/dashboard/js/api.js b/public/dashboard/js/api.js
index bb829a2..072f65d 100644
--- a/public/dashboard/js/api.js
+++ b/public/dashboard/js/api.js
@@ -40,7 +40,11 @@ async function apiRequest(path, options = {}) {
       // Unauthorized → clear token & redirect to login
       localStorage.removeItem('token');
       localStorage.removeItem('user');
-      window.location.href = '../index.php';
+      // Cek apakah sudah di login page untuk menghindari redirect loop
+      const currentPath = window.location.pathname;
+      if (!currentPath.includes('index.php')) {
+        window.location.href = '../index.php';
+      }
       throw new Error('Unauthorized');
     }
 
diff --git a/public/dashboard/js/auth.js b/public/dashboard/js/auth.js
index 4291823..7c632d8 100644
--- a/public/dashboard/js/auth.js
+++ b/public/dashboard/js/auth.js
@@ -75,7 +75,9 @@ async function handleLoginSubmit(event) {
 document.addEventListener('DOMContentLoaded', () => {
   const form = document.getElementById('login-form');
   if (form) {
-    if (Auth.isAuthenticated()) {
+    // Cek apakah sudah authenticated dan belum di dashboard untuk menghindari redirect loop
+    const currentPath = window.location.pathname;
+    if (Auth.isAuthenticated() && !currentPath.includes('dashboard')) {
       window.location.href = 'dashboard.html';
       return;
     }
diff --git a/public/index.php b/public/index.php
deleted file mode 100644
index cd7881c..0000000
--- a/public/index.php
+++ /dev/null
@@ -1,5 +0,0 @@
-<?php
-// Redirect ke login page di root
-header('Location: ../index.php');
-exit;
-
diff --git a/retribusi (frontend).zip b/retribusi (frontend).zip
new file mode 100644
index 0000000..af2a6e5
Binary files /dev/null and b/retribusi (frontend).zip differ