diff --git a/node/padurlsanitize.js b/node/padurlsanitize.js
new file mode 100644
index 000000000..b3885578e
--- /dev/null
+++ b/node/padurlsanitize.js
@@ -0,0 +1,29 @@
+var padManager = require('./db/PadManager');
+
+exports.expressServer = function (hook_name, args, cb) {
+  //redirects browser to the pad's sanitized url if needed. otherwise, renders the html
+  args.app.param('pad', function (req, res, next, padId) {
+    //ensure the padname is valid and the url doesn't end with a /
+    if(!padManager.isValidPadId(padId) || /\/$/.test(req.url))
+    {
+      res.send('Such a padname is forbidden', 404);
+    }
+    else
+    {
+      padManager.sanitizePadId(padId, function(sanitizedPadId) {
+	//the pad id was sanitized, so we redirect to the sanitized version
+	if(sanitizedPadId != padId)
+	{
+	  var real_path = req.path.replace(/^\/p\/[^\/]+/, '/p/' + sanitizedPadId);
+	  res.header('Location', real_path);
+	  res.send('You should be redirected to <a href="' + real_path + '">' + real_path + '</a>', 302);
+	}
+	//the pad id was fine, so just render it
+	else
+	{
+	  next();
+	}
+      });
+    }
+  });
+}
diff --git a/node/server.js b/node/server.js
index f07bdd5d6..4d4ca31e1 100644
--- a/node/server.js
+++ b/node/server.js
@@ -70,6 +70,12 @@ exports.maxAge = 1000*60*60*6;
 log4js.setGlobalLogLevel(settings.loglevel);
 
 async.waterfall([
+  //initalize the database
+  function (callback)
+  {
+    db.init(callback);
+  },
+
   plugins.update,
 
   function (callback) {
@@ -79,11 +85,6 @@ async.waterfall([
     callback();
   },
 
-  //initalize the database
-  function (callback)
-  {
-    db.init(callback);
-  },
   //initalize the http server
   function (callback)
   {
@@ -97,33 +98,6 @@ async.waterfall([
       next();
     });
 
-    
-    //redirects browser to the pad's sanitized url if needed. otherwise, renders the html
-    app.param('pad', function (req, res, next, padId) {
-      //ensure the padname is valid and the url doesn't end with a /
-      if(!padManager.isValidPadId(padId) || /\/$/.test(req.url))
-      {
-        res.send('Such a padname is forbidden', 404);
-      }
-      else
-      {
-        padManager.sanitizePadId(padId, function(sanitizedPadId) {
-          //the pad id was sanitized, so we redirect to the sanitized version
-          if(sanitizedPadId != padId)
-          {
-            var real_path = req.path.replace(/^\/p\/[^\/]+/, '/p/' + sanitizedPadId);
-            res.header('Location', real_path);
-            res.send('You should be redirected to <a href="' + real_path + '">' + real_path + '</a>', 302);
-          }
-          //the pad id was fine, so just render it
-          else
-          {
-            next();
-          }
-        });
-      }
-    });
-
     //load modules that needs a initalized db
     readOnlyManager = require("./db/ReadOnlyManager");
     exporthtml = require("./utils/ExportHtml");
diff --git a/pluginomatic.json b/pluginomatic.json
index fe5039e3f..dc584bc87 100644
--- a/pluginomatic.json
+++ b/pluginomatic.json
@@ -11,6 +11,12 @@
       "hooks": {
         "expressServer": "../specialpages:expressServer"
       }
+    },
+    {
+      "name": "padurlsanitize",
+      "hooks": {
+        "expressServer": "../padurlsanitize:expressServer"
+      }
     }
   ]
 }