diff --git a/DOCKER_VERSION b/DOCKER_VERSION
index 831446cb..ac14c3df 100644
--- a/DOCKER_VERSION
+++ b/DOCKER_VERSION
@@ -1 +1 @@
-5.1.0
+5.1.1
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
index 4c06635c..74c3dd5f 100644
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@@ -1,6 +1,10 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## [5.1.1] - 2019-09-01
+
+Close connections when reserved bits are used (autobahn test: 3 Reserved Bits)
+
 ## [5.1.0] - 2019-08-31
 
 ws autobahn / Add code to test websocket client compliance with the autobahn test-suite
diff --git a/ixwebsocket/IXWebSocketCloseConstants.cpp b/ixwebsocket/IXWebSocketCloseConstants.cpp
index 85b69454..81df5cfd 100644
--- a/ixwebsocket/IXWebSocketCloseConstants.cpp
+++ b/ixwebsocket/IXWebSocketCloseConstants.cpp
@@ -20,4 +20,5 @@ namespace ix
     const std::string WebSocketCloseConstants::kPingTimeoutMessage("Ping timeout");
     const std::string WebSocketCloseConstants::kProtocolErrorMessage("Protocol error");
     const std::string WebSocketCloseConstants::kNoStatusCodeErrorMessage("No status code");
+    const std::string WebSocketCloseConstants::kProtocolErrorReservedBitUsed("Reserved bit used");
 }
diff --git a/ixwebsocket/IXWebSocketCloseConstants.h b/ixwebsocket/IXWebSocketCloseConstants.h
index 572a71b7..74f16aa4 100644
--- a/ixwebsocket/IXWebSocketCloseConstants.h
+++ b/ixwebsocket/IXWebSocketCloseConstants.h
@@ -25,5 +25,6 @@ namespace ix
         static const std::string kPingTimeoutMessage;
         static const std::string kProtocolErrorMessage;
         static const std::string kNoStatusCodeErrorMessage;
+        static const std::string kProtocolErrorReservedBitUsed;
     };
 } // namespace ix
diff --git a/ixwebsocket/IXWebSocketHandshake.cpp b/ixwebsocket/IXWebSocketHandshake.cpp
index 5a9c9537..11529449 100644
--- a/ixwebsocket/IXWebSocketHandshake.cpp
+++ b/ixwebsocket/IXWebSocketHandshake.cpp
@@ -235,7 +235,7 @@ namespace ix
             else if (!_perMessageDeflate.init(webSocketPerMessageDeflateOptions))
             {
                 return WebSocketInitResult(
-                    false, 0,"Failed to initialize per message deflate engine");
+                    false, 0, "Failed to initialize per message deflate engine");
             }
         }
 
diff --git a/ixwebsocket/IXWebSocketHandshake.h b/ixwebsocket/IXWebSocketHandshake.h
index f3cd8a5b..ed089087 100644
--- a/ixwebsocket/IXWebSocketHandshake.h
+++ b/ixwebsocket/IXWebSocketHandshake.h
@@ -15,8 +15,6 @@
 #include <chrono>
 #include <memory>
 #include <string>
-#include <tuple>
-#include <unordered_map>
 
 namespace ix
 {
diff --git a/ixwebsocket/IXWebSocketTransport.cpp b/ixwebsocket/IXWebSocketTransport.cpp
index eb7b4b62..0148ea24 100644
--- a/ixwebsocket/IXWebSocketTransport.cpp
+++ b/ixwebsocket/IXWebSocketTransport.cpp
@@ -472,12 +472,22 @@ namespace ix
             const uint8_t * data = (uint8_t *) &_rxbuf[0]; // peek, but don't consume
             ws.fin = (data[0] & 0x80) == 0x80;
             ws.rsv1 = (data[0] & 0x40) == 0x40;
+            ws.rsv2 = (data[0] & 0x20) == 0x20;
+            ws.rsv3 = (data[0] & 0x10) == 0x10;
             ws.opcode = (wsheader_type::opcode_type) (data[0] & 0x0f);
             ws.mask = (data[1] & 0x80) == 0x80;
             ws.N0 = (data[1] & 0x7f);
             ws.header_size = 2 + (ws.N0 == 126? 2 : 0) + (ws.N0 == 127? 8 : 0) + (ws.mask? 4 : 0);
             if (_rxbuf.size() < ws.header_size) break; /* Need: ws.header_size - _rxbuf.size() */
 
+            if ((ws.rsv1 && !_enablePerMessageDeflate) || ws.rsv2 || ws.rsv3)
+            {
+                close(WebSocketCloseConstants::kProtocolErrorCode,
+                      WebSocketCloseConstants::kProtocolErrorReservedBitUsed,
+                      _rxbuf.size());
+                return;
+            }
+
             //
             // Calculate payload length:
             // 0-125 mean the payload is that long.
diff --git a/ixwebsocket/IXWebSocketTransport.h b/ixwebsocket/IXWebSocketTransport.h
index c13a81c5..32a864c9 100644
--- a/ixwebsocket/IXWebSocketTransport.h
+++ b/ixwebsocket/IXWebSocketTransport.h
@@ -112,6 +112,8 @@ namespace ix
             unsigned header_size;
             bool fin;
             bool rsv1;
+            bool rsv2;
+            bool rsv3;
             bool mask;
             enum opcode_type
             {
diff --git a/ixwebsocket/IXWebSocketVersion.h b/ixwebsocket/IXWebSocketVersion.h
index d9644be3..f7be8980 100644
--- a/ixwebsocket/IXWebSocketVersion.h
+++ b/ixwebsocket/IXWebSocketVersion.h
@@ -6,4 +6,4 @@
 
 #pragma once
 
-#define IX_WEBSOCKET_VERSION "5.1.0"
+#define IX_WEBSOCKET_VERSION "5.1.1"
diff --git a/makefile b/makefile
index e4332996..47fac67e 100644
--- a/makefile
+++ b/makefile
@@ -9,7 +9,7 @@ install: brew
 # on osx it is good practice to make /usr/local user writable
 # sudo chown -R `whoami`/staff /usr/local
 brew:
-	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Release -DUSE_TLS=1 -DUSE_WS=1 .. ; make -j install)
+	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 .. ; make -j install)
 
 ws:
 	mkdir -p build && (cd build ; cmake -DCMAKE_BUILD_TYPE=Debug -DUSE_TLS=1 -DUSE_WS=1 -DUSE_MBED_TLS=1 .. ; make -j)