So I’m hosting a lot of Docker containers, a lot of which are behind a Traefik reverse proxy. Is it safe to use IPWhitelist middleware? I want to ensure that only the LAN can access the services while using HTTPS, because some services (like Radarr and Sonarr) have a password and I don’t want that information sent without encryption / SSL.
Could someone spoof their client IP address and bypass the Traefik IP whitelist?
As an alternative, have you considered putting those services behind a vpn like tailscale/wire guard/head scale?