I’m thinking of running the caddy server on the native host, so I can manipulate iptables with fail2ban. But on the other side this might catch normal requests also, if they are too often. @jolly-london-20127 do netmaker write some logs with failed logins? Then fail2ban could use them in filter and blocks ips from accessing caddy server (not running in docker)