I’m not using Authelia myself but I don’t think you’d need to run beta releases to get security patches.

Interesting - I didn’t bother to set the X-Real-IP headers until now and this might speed up my instance too. Thanks!

Then I wondered: what if the program is “smart” and throttles it by itself without any warning to the admin if it thinks that an ip address is sending too many requests?

The word you’re looking for is “Rate Limit(ing)” and according to the documentation you could also disable it completely.

But I guess the cleanest and most secure solution would be to just set the headers on the reverse proxy.

That’s what I always tell myself too.

I upload encrypted daily snapshots to a bucket in the cloud using restic.

How do you upload a snapshot? I’m using TrueNAS where I can make snapshots visible in a otherwise hidden .zfs directory. Do you just backup from there or something similar? Is there an upside to backing up a snapshot instead of just the current data?