diff --git a/stechuhr_server/server.py b/stechuhr_server/server.py
index decebaa05246c5cf0e369c10f22d14ce0181b680..8a7f8243a696c770ea9635e56b1a107c197f423b 100644
--- a/stechuhr_server/server.py
+++ b/stechuhr_server/server.py
@@ -23,8 +23,8 @@ path = "visitors.db"
 
 # A list of possible regex patterns for the id (logical OR!)
 id_patterns = [
-    "[A-z0-9]{24}",
-    "[A-Z0-9]{6,8}",
+    "^[A-z0-9]{24}$",
+    "^[A-Z0-9]{6,8}$",
 ]
 
 # minimum and maximum lengths for the received strings
@@ -192,7 +192,11 @@ def id_pattern_check(visitor_id: str) -> bool:
     Returns True if any of the patterns from the config matches.
     Returns False if none of the patterns matches.
     """
-    return any([re.match(p, visitor_id) for p in config["database"]["id_patterns"]])
+    matches = []
+    for match, pattern in [(re.match(pattern, visitor_id) is not None, pattern) for pattern in config["database"]["id_patterns"]]:
+        app.logger.debug('{} + {} = {}'.format(visitor_id, pattern, match))
+        matches.append(match)
+    return any(matches)
 
 
 def length_check(data: dict, key: str, minimum: int, maximum: int) -> bool:
@@ -210,9 +214,12 @@ def length_check(data: dict, key: str, minimum: int, maximum: int) -> bool:
     return True
 
 
-# This gets run for each request
+
 @app.route('/', methods = ['POST'])
 def post():
+    """
+    This function runs when a POST request on / is received
+    """
     if not request.data:
         # Missing data body, reject
         app.logger.info('400, Missing data body')
@@ -240,6 +247,10 @@ def post():
 # This gets run for each request
 @app.route('/', methods = ['GET'])
 def get():
+    """
+    This function runs when a GET request on / is received.
+    Can be deactivated in the config with the ignore_get_requests setting
+    """
     if config["application"]["ignore_get_requests"]:
         app.logger.info('501, Get Request Ignored')
         return "", 501