diff --git a/.github/stale.yml b/.github/stale.yml
deleted file mode 100644
index 2dc5b675..00000000
--- a/.github/stale.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-# Number of days of inactivity before an issue becomes stale
-daysUntilStale: 60
-# Number of days of inactivity before a stale issue is closed
-daysUntilClose: 7
-# Issues with these labels will never be considered stale
-exemptLabels:
-  - pinned
-  - security
-  - enhancement
-  - bug
-# Label to use when marking an issue as stale
-staleLabel: wontfix
-# Comment to post when marking an issue as stale. Set to `false` to disable
-markComment: >
-  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed if no further activity occurs. Thank you
-  for your contributions.
-# Comment to post when closing a stale issue. Set to `false` to disable
-closeComment: false
diff --git a/.github/workflows/stale-issues.yml b/.github/workflows/stale-issues.yml
new file mode 100644
index 00000000..bf2505b1
--- /dev/null
+++ b/.github/workflows/stale-issues.yml
@@ -0,0 +1,22 @@
+name: Close stale issues
+on:
+  schedule:
+    - cron: '30 1 * * *'
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+      pull-requests: write
+    steps:
+      - uses: actions/stale@v8
+        with:
+          days-before-issue-stale: 60
+          days-before-issue-close: 7
+          stale-issue-label: 'stale'
+          stale-issue-message: 'This issue is stale because it has been open for 60 days with no activity.'
+          close-issue-message: 'This issue was closed because it has been inactive for 7 days since being marked as stale.'
+          days-before-pr-stale: -1
+          days-before-pr-close: -1
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/pages/api/websites/[id]/reset.ts b/pages/api/websites/[id]/reset.ts
index dc98c591..23b5305d 100644
--- a/pages/api/websites/[id]/reset.ts
+++ b/pages/api/websites/[id]/reset.ts
@@ -1,5 +1,5 @@
 import { NextApiRequestQueryBody } from 'lib/types';
-import { canViewWebsite } from 'lib/auth';
+import { canUpdateWebsite } from 'lib/auth';
 import { useAuth, useCors } from 'lib/middleware';
 import { NextApiResponse } from 'next';
 import { methodNotAllowed, ok, unauthorized } from 'next-basics';
@@ -19,7 +19,7 @@ export default async (
   const { id: websiteId } = req.query;
 
   if (req.method === 'POST') {
-    if (!(await canViewWebsite(req.auth, websiteId))) {
+    if (!(await canUpdateWebsite(req.auth, websiteId))) {
       return unauthorized(res);
     }