diff --git a/apps/littlelink-custom/docker-compose.yml b/apps/littlelink-custom/docker-compose.yml
index d4a81184..7dfca4ee 100644
--- a/apps/littlelink-custom/docker-compose.yml
+++ b/apps/littlelink-custom/docker-compose.yml
@@ -60,9 +60,13 @@ services:
       traefik.http.routers.littlelink-custom.service: littlelink-custom
       traefik.http.routers.littlelink-custom.tls.certresolver: myresolver
       traefik.http.routers.littlelink-custom.tls: "true"
-      traefik.http.services.littlelink-custom.loadbalancer.server.port: 80
-      #traefik.http.services.littlelink-custom.loadbalancer.server.scheme: https
-      traefik.http.routers.littlelink-custom.middlewares: littlelink-custom-https-header
-      traefik.http.middlewares.littlelink-custom-https-header.headers.customrequestheaders.X-Forwarded-Proto: https
-
+      traefik.http.services.littlelink-custom.loadbalancer.server.port: 443
+      traefik.http.routers.littlelink-custom.middlewares: "littlelink-custom-security-headers,littlelink-custom-forwarded-headers"
+      traefik.http.middlewares.littlelink-custom-security-headers.headers.contentSecurityPolicy: "upgrade-insecure-requests"
+      traefik.http.middlewares.littlelink-custom-forwarded-headers.headers.customrequestheaders.X-Real-IP: "$remote_addr"
+      traefik.http.middlewares.littlelink-custom-forwarded-headers.headers.customrequestheaders.X-Forwarded-For: "$proxy_add_x_forwarded_for"
+      traefik.http.middlewares.littlelink-custom-forwarded-headers.headers.customrequestheaders.X-Forwarded-Proto: "https"
+      traefik.http.middlewares.littlelink-custom-forwarded-headers.headers.customrequestheaders.X-VerifiedViaNginx: "yes"
+      traefik.http.middlewares.littlelink-custom-forwarded-headers.headers.customrequestheaders.Upgrade: "$http_upgrade"
+      traefik.http.middlewares.littlelink-custom-forwarded-headers.headers.customrequestheaders.Connection: "upgrade"