diff --git a/src/web.lisp b/src/web.lisp
index 1b38ab8..3ede973 100644
--- a/src/web.lisp
+++ b/src/web.lisp
@@ -1485,6 +1485,55 @@
 (format nil "~a" (mito.dao.mixin:object-updated-at item))))))))))
+(defroute ("/danger/manage-files" :method :GET) ()
+ (hermetic:auth
+ (:logged-in)
+ ;; Authorised
+ (let ((alert (utils:get-and-reset-alert)))
+ (render "/danger/manage-files.html"
+ (append (auth:auth-user-data)
+ `(:alert ,alert
+ :system-data ,(nera:system-data)
+ :archive-files
+ ,(storage:get-file-names
+ (storage:get-files-in-directory "" "archive"))
+ :media-files
+ ,(storage:get-file-names
+ (storage:get-files-in-directory "" "media"))
+ :pages-files
+ ,(storage:get-file-names
+ (storage:get-files-in-directory "" "pages"))))))
+ ;; Not Authorised
+ (progn
+ (utils:set-alert "You are not authorised to view this page." "error")
+ (redirect "/login"))))
+
+(defroute ("/danger/delete-file" :method :POST) ()
+ (destructuring-bind
+ (&key filename directory authenticity-token &allow-other-keys)
+ (utils:request-params (lack.request:request-body-parameters ningle:*request*))
+ (cond ((not (string= authenticity-token (auth:csrf-token)))
+ `(,+forbidden+ (:content-type "text/plain") ("Denied")))
+ (t (hermetic:auth
+ (:administrator)
+ ;; Authorised
+ (cond ((find t (mapcar #'utils:string-is-nil-or-empty?
+ `(,filename ,directory)))
+ (utils:set-alert
+ "File name or directory not provided." "missing-data")
+ (redirect "/danger/manage-files"))
+ ((not (storage:file-exists-p "" directory filename))
+ (utils:set-alert "File cannot be found." "invalid-data")
+ (redirect "/danger/manage-files"))
+ (t (storage:file-exists-p "" directory filename)
+ (storage:remove-file "" directory filename)
+ (utils:set-alert "File deleted." "success")
+ (redirect "/danger/manage-files")))
+ ;; Not Authorised
+ (progn (utils:set-alert
+ "You are not authorised to delete page." "error")
+ (redirect "/login")))))))
+
 (defroute ("/danger/repopulate-search-db" :method :POST) () (destructuring-bind (&key authenticity-token &allow-other-keys)
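Review bot: In the new `/danger/delete-file` route, `filename` and `directory` come straight from the request body and reach `storage:file-exists-p` and `storage:remove-file` unchanged; nothing in this hunk limits them to the three directories that `/danger/manage-files` lists. Unless the storage package already normalises its arguments (not visible here), a value carrying path separators or parent-directory components could resolve outside the intended tree, so I would add a clause ahead of the existence check such as `((not (member directory '("archive" "media" "pages") :test #'string=)) (utils:set-alert "Invalid directory." "invalid-data") (redirect "/danger/manage-files"))` and likewise reject any `filename` that contains a directory component. The listing route is guarded with `(:logged-in)` while deletion requires `(:administrator)`; if the file inventory is meant for administrators only, the GET route should use the same role. The last `cond` clause also calls `storage:file-exists-p` a second time and discards the result, and it reports "File deleted." without checking what `storage:remove-file` returned.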
@@ -1515,7 +1564,7 @@
 (:administrator)
 ;; Authorised
 (progn
- ;; The 'when' checks are just a pre-caution. These directories
+ ;; The 'when' checks are just a precaution. These directories
 ;; were created during the site's first-run/initial set-up. If
 ;; they are missing, though, whilst this function is executing,
 ;; an error is thrown -- hence the check.