diff --git a/docker-compose/homer/docker-compose.yml.j2 b/docker-compose/homer/docker-compose.yml.j2 index cd9c1cb9..07202ca3 100644 --- a/docker-compose/homer/docker-compose.yml.j2 +++ b/docker-compose/homer/docker-compose.yml.j2 @@ -18,15 +18,6 @@ services: - traefik labels: com.centurylinklabs.watchtower.enable: true - - traefik.http.routers.homer.rule: Host(`www.mgrote.net`,`mgrote.net`) - traefik.enable: true - traefik.http.routers.homer.tls: true - traefik.http.routers.homer.tls.certresolver: resolver_letsencrypt - traefik.http.routers.homer.entrypoints: entry_https - traefik.http.services.homer.loadbalancer.server.port: 8080 - - traefik.http.routers.homer.middlewares: nforwardauth ######## Networks ######## networks: diff --git a/docker-compose/miniflux/docker-compose.yml.j2 b/docker-compose/miniflux/docker-compose.yml.j2 index 90bf37ad..ee9327ff 100644 --- a/docker-compose/miniflux/docker-compose.yml.j2 +++ b/docker-compose/miniflux/docker-compose.yml.j2 @@ -29,8 +29,6 @@ services: traefik.http.routers.miniflux.entrypoints: entry_https traefik.http.services.miniflux.loadbalancer.server.port: 8080 - traefik.http.routers.miniflux.middlewares: error-pages-middleware - com.centurylinklabs.watchtower.enable: true com.centurylinklabs.watchtower.depends-on: mf-db diff --git a/docker-compose/navidrome/docker-compose.yml.j2 b/docker-compose/navidrome/docker-compose.yml.j2 index f4af0b19..ad4872fb 100644 --- a/docker-compose/navidrome/docker-compose.yml.j2 +++ b/docker-compose/navidrome/docker-compose.yml.j2 @@ -36,8 +36,6 @@ services: traefik.http.routers.navidrome-mg.entrypoints: entry_https traefik.http.services.navidrome-mg.loadbalancer.server.port: 4533 - traefik.http.routers.navidrome-mg.middlewares: error-pages-middleware - com.centurylinklabs.watchtower.enable: true ports: - "4533:4533" diff --git a/docker-compose/registry/docker-compose.yml.j2 b/docker-compose/registry/docker-compose.yml.j2 index c25eb12a..84ec136d 100644 
--- a/docker-compose/registry/docker-compose.yml.j2 +++ b/docker-compose/registry/docker-compose.yml.j2 @@ -28,7 +28,7 @@ services: traefik.http.routers.registry.entrypoints: entry_https traefik.http.services.registry.loadbalancer.server.port: 5000 - traefik.http.routers.registry.middlewares: error-pages-middleware,registry-ipwhitelist + traefik.http.routers.registry.middlewares: registry-ipwhitelist traefik.http.middlewares.registry-ipwhitelist.ipwhitelist.sourcerange: 192.168.2.0/24,10.25.25.0/24,192.168.48.0/24 # .48. ist Docker traefik.http.middlewares.registry-ipwhitelist.ipwhitelist.ipstrategy.depth: 0 # https://doc.traefik.io/traefik/middlewares/http/ipwhitelist/#ipstrategydepth diff --git a/docker-compose/traefik/docker-compose.yml.j2 b/docker-compose/traefik/docker-compose.yml.j2 index 628cf940..c269075e 100644 --- a/docker-compose/traefik/docker-compose.yml.j2 +++ b/docker-compose/traefik/docker-compose.yml.j2 
@@ -29,74 +29,6 @@ services: # beim Einsatz von nforwardauth: # Beispiel: YYYYY - # Middleware default - # enthält Rate-Limiting, Error-Pages und ZZZ? - - -######## error-pages ######## -# https://github.com/tarampampam/error-pages/wiki/Traefik-(docker-compose) - error-pages: - container_name: "traefik-error-pages" - image: tarampampam/error-pages:2 - restart: always - environment: - TEMPLATE_NAME: ghost - labels: - com.centurylinklabs.watchtower.depends-on: traefik - com.centurylinklabs.watchtower.enable: true - - traefik.enable: true - # use as "fallback" for any NON-registered services (with priority below normal) - traefik.http.routers.error-pages-router.rule: HostRegexp(`{host:.+}`) - traefik.http.routers.error-pages-router.priority: 10 - # should say that all of your services work on https - traefik.http.routers.error-pages-router.entrypoints: entry_https - traefik.http.routers.error-pages-router.middlewares: error-pages-middleware - # "errors" middleware settings - traefik.http.middlewares.error-pages-middleware.errors.status: 400-599 - traefik.http.middlewares.error-pages-middleware.errors.service: error-pages-service - traefik.http.middlewares.error-pages-middleware.errors.query: /{status}.html - # define service properties - traefik.http.services.error-pages-service.loadbalancer.server.port: 8080 - depends_on: - - traefik - networks: - - traefik - -######## nforwardauth ######## -# https://github.com/NOSDuco/nforwardauth - nforwardauth: - container_name: "traefik-nforwardauth" - image: nosduco/nforwardauth:v1 - restart: always - depends_on: - - traefik - networks: - - traefik - volumes: - - ./passwd:/passwd:ro # Mount local passwd file at /passwd as ready only - environment: - TOKEN_SECRET: {{ lookup('keepass', 'traefik-nforwardauth-token-secret', 'password') }} # Secret to use when signing auth token - AUTH_HOST: auth.mgrote.net - #COOKIE_DOMAIN: mgrote.net # Set domain for the cookies. 
This value will allow cookie and auth on *.yourdomain.com (including base domain) - PORT: 3000 # Set specific port to listen on - labels: - com.centurylinklabs.watchtower.depends-on: traefik - com.centurylinklabs.watchtower.enable: true - - traefik.enable: true - traefik.http.routers.nforwardauth.rule: Host(`auth.mgrote.net`) - - traefik.http.middlewares.nforwardauth.forwardauth.address: http://nforwardauth:3000 - - traefik.http.services.nforwardauth.loadbalancer.server.port: 3000 - traefik.http.routers.nforwardauth.tls: true - traefik.http.routers.nforwardauth.tls.certresolver: resolver_letsencrypt - traefik.http.routers.nforwardauth.entrypoints: entry_https - - # traefik.http.routers.nforwardauth.middlewares: error-pages-middleware - - ######## Networks ######## networks: traefik: diff --git a/docker-compose/traefik/file-provider.yml b/docker-compose/traefik/file-provider.yml index dd2619a5..8ed9ca33 100644 --- a/docker-compose/traefik/file-provider.yml +++ b/docker-compose/traefik/file-provider.yml @@ -25,8 +25,6 @@ http: - entry_https tls: certresolver: resolver_letsencrypt - middlewares: - - error-pages-middleware@docker router_gitea: rule: "Host(`git.mgrote.net`)" service: "service_gitea" diff --git a/docker-compose/whoami/docker-compose.yml.j2 b/docker-compose/whoami/docker-compose.yml.j2 index 6719b823..57e92590 100644 --- a/docker-compose/whoami/docker-compose.yml.j2 +++ b/docker-compose/whoami/docker-compose.yml.j2 
@@ -9,7 +9,11 @@ services: - traefik labels: traefik.http.routers.whoami.rule: Host(`whoami.mgrote.net`) - traefik.http.routers.whoami.middlewares: nforwardauth + traefik.http.routers.whoami.middlewares: whoami-ipwhitelist + + traefik.http.middlewares.whoami-ipwhitelist.ipwhitelist.sourcerange: 192.168.2.0/24,10.25.25.0/24,192.168.48.0/24 # .48. ist Docker + + traefik.http.middlewares.whoami-ipwhitelist.ipwhitelist.ipstrategy.depth: 0 # https://doc.traefik.io/traefik/middlewares/http/ipwhitelist/#ipstrategydepth traefik.enable: true traefik.http.routers.whoami.tls: true traefik.http.routers.whoami.tls.certresolver: resolver_letsencrypt
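Review bot: The new `whoami-ipwhitelist` is now the only access control on the whoami router, and its `sourcerange` includes `192.168.48.0/24`, which the inline comment identifies as the Docker network. With `ipstrategy.depth: 0` Traefik matches on the connection's remote address, so if external requests ever reach Traefik source-NATed to the bridge gateway (which can happen with Docker's userland proxy), they would fall inside that range and pass. It is worth confirming the client IP Traefik actually sees in its access log and, unless containers need whoami, narrowing the line to `traefik.http.middlewares.whoami-ipwhitelist.ipwhitelist.sourcerange: 192.168.2.0/24,10.25.25.0/24`. The two added middleware lines repeat the `registry-ipwhitelist` definition from the registry compose file with identical ranges, so one shared definition referenced by both routers would keep the lists from drifting apart. Separately, `ipwhitelist` is deprecated in newer Traefik releases in favour of `ipallowlist`; the Traefik version is not visible in this diff, so check it before the next upgrade.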