diff --git a/group_vars/all.yml b/group_vars/all.yml
index 4024991..fe12d2a 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -33,6 +33,8 @@ haproxy:
 extra_param: backup
 - frontend:
 - hass.badjware.dev
+ - longhorn.badjware.dev
+ - traefik.badjware.dev
 backend:
 - server: 192.168.20.20
 - server: 192.168.20.21
@@ -43,6 +45,10 @@ haproxy:
 extra_param: backup
 - server: 192.168.20.24
 extra_param: backup
+ allowlist:
+ - 127.0.0.1
+ - 192.168.20.20/24
+ - 192.168.30.20/24
 - frontend:
 - s3.badjware.dev
 backend:
diff --git a/roles/haproxy/templates/haproxy.cfg b/roles/haproxy/templates/haproxy.cfg
index fdf84f0..33a2b27 100644
--- a/roles/haproxy/templates/haproxy.cfg
+++ b/roles/haproxy/templates/haproxy.cfg
@@ -66,9 +66,11 @@ frontend https_in
 # tcp-request inspect-delay 5s
 # tcp-request content accept if { req.ssl_hello_type 1 }
+ default_backend default_backend
+
 {% for http_route in https_routing %}
 #use_backend https_{{ http_route.frontend[0]|replace('.','_') }} if { req.ssl_sni -i {% for src in http_route.frontend %}{{ src }} {% endfor %}}
- use_backend https_{{ http_route.frontend[0]|replace('.','_') }} if { hdr_end(host) -i {% for src in http_route.frontend %}{{ src }} {% endfor %}}
+ use_backend https_{{ http_route.frontend[0]|replace('.','_') }} if { hdr_end(host) -i {% for src in http_route.frontend %}{{ src }} {% endfor %}}{% if 'allowlist' in http_route %} { src {% for ip in http_route.allowlist %}{{ ip }} {% endfor %}}{% endif %}
 {% endfor %}
 ## BACKENDS ##
@@ -86,6 +88,10 @@ backend haproxy_metrics
 mode http
 http-request use-service prometheus-exporter
+backend default_backend
+ mode http
+ http-request deny deny_status 404
+
 {% for http_route in https_routing %}
 # backend for {{ ', '.join(http_route.frontend) }}
 backend https_{{ http_route.frontend[0]|replace('.','_') }}
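Review bot: The two new `allowlist` entries `192.168.20.20/24` and `192.168.30.20/24` carry host bits under a /24 mask, and HAProxy's `src` matching compares against the masked network, so they admit all of `192.168.20.0/24` and `192.168.30.0/24` rather than the two `.20` hosts the prefix reads as. If whole LAN subnets are the intent, write `192.168.20.0/24` and `192.168.30.0/24` so the data says what it enforces; if only those two hosts are meant, use `/32`. Note also that the allowlist is attached to the whole route entry, so `hass.badjware.dev`, which shares this entry, becomes source-restricted along with longhorn and traefik; that may be intended, but it is a behavior change for a host that the commit does not otherwise touch, so a short comment like `# whole-route allowlist: also restricts hass.badjware.dev to LAN sources` would record it.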
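Review bot: The `{ src ... }` ACL added to the `use_backend` line keys on the address of the TCP peer HAProxy accepted, not necessarily the end client; if this frontend is ever reached through an upstream proxy or a SNATing forwarder (nothing in the hunk shows either way), every request arrives from that hop's address and the private-range allowlist would match all traffic or none. Worth pinning with a comment on the line, e.g. `# allowlist compares the TCP peer (src); only meaningful while haproxy terminates client connections directly`. Separately, the retained `hdr_end(host)` is a suffix match, so a Host of `evil-traefik.badjware.dev` also selects this route; here it only influences backend choice behind the allowlist, but an exact `hdr(host) -i` match (minding a possible `:port` suffix) would make the routing boundary explicit. The enclosing `frontend https_in` starts above the hunk.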
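Review bot: The new backend is named `default_backend`, the same token as the HAProxy directive, so the frontend line reads `default_backend default_backend`; HAProxy accepts it, but a reader has to parse which token is the keyword. A name such as `backend deny_404` (with the matching `default_backend deny_404` in the frontend) would be clearer. It would also help to record the intent of answering unmatched and non-allowlisted requests with 404 instead of 403, e.g. `# catch-all for unknown hosts and allowlist misses: 404 so the route's existence is not revealed` — presumably that is the reason, but the hunk does not state it.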