diff --git a/config/packages/framework.yaml b/config/packages/framework.yaml
index 07b9ab32fe1e8a9140a52ded29cdd808a6f1487d..39c48440a3d4976a8f8d9ebd05dc17729e12ddbe 100644
--- a/config/packages/framework.yaml
+++ b/config/packages/framework.yaml
@@ -3,6 +3,8 @@ framework:
     secret: '%env(APP_SECRET)%'
     #csrf_protection: true
     http_method_override: false
+    trusted_proxies: '127.0.0.1,REMOTE_ADDR'
+    trusted_headers: ['x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port']
 
     # Enables session support. Note that the session will ONLY be started if you read or write from it.
     # Remove or comment this section to explicitly disable session support.
diff --git a/traefik.yml b/traefik.yml
index 9f450b67f6db384cd9a6525236e00306df8a5cd7..fc5ff424058f8ad0cfd29227b1cc049fc6af1b87 100644
--- a/traefik.yml
+++ b/traefik.yml
@@ -12,7 +12,7 @@ services:
       - "traefik.http.routers.${NAME}.rule=Host(${HOST})"
       - "traefik.http.routers.${NAME}.tls.certresolver=myresolver"
       - "traefik.http.routers.${NAME}.entrypoints=web,websecure"
-      - "traefik.http.routers.${NAME}.middlewares=hardening@docker"
+      - "traefik.http.routers.${NAME}.middlewares=hardening@docker,xforwardedproto@docker,xforwardedport@docker"
 
 
 networks: