diff --git a/CHANGELOG.md b/CHANGELOG.md
index 50a22ab..4764644 100755
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # oEmbed Changelog
 
+## 1.0.1 - 2018-11-26
+
+### Updated
+- Changed preview controller action access to prevent anonymous access
+- Refactored the preview action to use a template with wrapper to allow for future styling and updates
+
 ## 1.0.0 - 2018-11-18
 
 ### Added
diff --git a/composer.json b/composer.json
index c9280cf..ddf6919 100755
--- a/composer.json
+++ b/composer.json
@@ -2,7 +2,7 @@
     "name": "wrav/oembed",
     "description": "A simple plugin to extract media information from websites, like youtube videos, twitter statuses or blog articles.",
     "type": "craft-plugin",
-    "version": "1.0.0",
+    "version": "1.0.1",
     "keywords": [
         "craft",
         "cms",
diff --git a/releases.json b/releases.json
index baf4233..fa9790e 100755
--- a/releases.json
+++ b/releases.json
@@ -1,4 +1,13 @@
 [
+    {
+        "version": "1.0.1",
+        "downloadUrl": "https://github.com/wrav/oembed/archive/master.zip",
+        "date": "2018-11-26:00:00+10:30",
+        "notes": [
+            "[Updated] Change preview controller action access to prevent anonymous access",
+            "[Updated] Refactored the preview action to use a template with wrapper to allow for future styling and updates"
+        ]
+    },
     {
         "version": "1.0.0",
         "downloadUrl": "https://github.com/wrav/oembed/archive/master.zip",
diff --git a/src/Oembed.php b/src/Oembed.php
index f8b262d..0188fa4 100755
--- a/src/Oembed.php
+++ b/src/Oembed.php
@@ -23,6 +23,7 @@
 use craft\events\RegisterComponentTypesEvent;
 use craft\web\View;
 use craft\events\RegisterUrlRulesEvent;
+use craft\web\UrlManager;
 
 use yii\base\Event;
 
@@ -116,6 +117,14 @@ function(Event $event) {
             }
         );
 
+        Event::on(
+            UrlManager::class,
+            UrlManager::EVENT_REGISTER_CP_URL_RULES,
+            function(RegisterUrlRulesEvent $event) {
+                $event->rules['oembed/preview'] = 'oembed/default/preview';
+            }
+        );
+
         Craft::info(
             Craft::t(
                 'oembed',
@@ -126,7 +135,4 @@ function(Event $event) {
         );
     }
 
-    // Protected Methods
-    // =========================================================================
-
 }
diff --git a/src/assetbundles/oembed/dist/js/oembed.js b/src/assetbundles/oembed/dist/js/oembed.js
index a39b888..3b0c929 100755
--- a/src/assetbundles/oembed/dist/js/oembed.js
+++ b/src/assetbundles/oembed/dist/js/oembed.js
@@ -12,7 +12,7 @@
 
 var oembedOnChangeTimeout = null;
 
-$('input.oembed-field').change(function () {
+$('input.oembed-field').on('keyup blur change', function () {
     var that = $(this);
 
     if (oembedOnChangeTimeout != null) {
@@ -23,10 +23,11 @@ $('input.oembed-field').change(function () {
         oembedOnChangeTimeout = null;
 
         var val = that.val();
+
         if(val) {
             $.ajax({
                 type: "GET",
-                url: "/actions/oembed/default/preview?url=" + val + "&options[]=",
+                url: "/admin/oembed/preview?url=" + val + "&options[]=",
                 async: true
             }).done(function (res) {
                 var preview = that.parent().find('.oembed-preview');
@@ -44,5 +45,3 @@ $('input.oembed-field').change(function () {
 
     }, 500);
 });
-
-// https://www.youtube.com/watch?v=mJB83EZtAjc
\ No newline at end of file
diff --git a/src/controllers/DefaultController.php b/src/controllers/DefaultController.php
index 4009834..f85d649 100755
--- a/src/controllers/DefaultController.php
+++ b/src/controllers/DefaultController.php
@@ -27,26 +27,26 @@ class DefaultController extends Controller
     // Protected Properties
     // =========================================================================
 
-    protected $allowAnonymous = true;
+    protected $allowAnonymous = false;
 
     // Public Methods
     // =========================================================================
 
     public function actionPreview()
     {
-        $data = Craft::$app->request->getQueryParams();
+        $url = Craft::$app->request->getRequiredParam('url');
+        $options = Craft::$app->request->getParam('options') ?? [];
 
         try {
-            if (isset($data['url'])) {
-                echo Oembed::getInstance()->oembedService->render($data['url'], []);
-            }   
+            return $this->renderTemplate(
+                'oembed/preview',
+                [
+                    'url' => $url,
+                    'options' => $options,
+                ]
+            );
         } catch(\Exception $exception) {
-            if (getenv('ENVIRONMENT') === 'dev') {
-                throw new $exception;
-            }
-        } finally {
-            Craft::$app->end();
+            throw new $exception;
         }
-
     }
 }
diff --git a/src/templates/preview.twig b/src/templates/preview.twig
new file mode 100755
index 0000000..63b2027
--- /dev/null
+++ b/src/templates/preview.twig
@@ -0,0 +1,9 @@
+{% set media = craft.oembed.embed(url) %}
+
+{% if media %}
+    <div class="embed-preview">
+        {{ media.html|raw }}
+    </div>
+{% else %}
+    <p class="error">Please check your URL.</p>
+{% endif %}
diff --git a/src/variables/OembedVariable.php b/src/variables/OembedVariable.php
index 800f924..b741f6f 100755
--- a/src/variables/OembedVariable.php
+++ b/src/variables/OembedVariable.php
@@ -34,4 +34,18 @@ public function render($url, array $options = [])
     {
         return Oembed::getInstance()->oembedService->render($url, $options);
     }
+
+    /**
+     * Call it like this:
+     *
+     *     {{ craft.oembed.embed(url, options) }}
+     *
+     * @param $url
+     * @param array $options
+     * @return string
+     */
+    public function embed($url, array $options = [])
+    {
+        return Oembed::getInstance()->oembedService->embed($url, $options);
+    }
 }