diff --git a/docker-compose.yml b/docker-compose.yml
index e3e8324..dcb2b3f 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -161,21 +161,23 @@ services:
 timeout: 10s
 retries: 3
- # CrowdSec bouncer for Traefik
- crowdsec-bouncer-traefik:
- image: crowdsecurity/traefik-bouncer:v0.1.0
- container_name: crowdsec-bouncer-traefik
- restart: unless-stopped
- networks:
- - crowdsec
- environment:
- - CROWDSEC_BOUNCER_API_KEY=${CROWDSEC_API_KEY:-}
- - CROWDSEC_AGENT_HOST=crowdsec:8080
- - CROWDSEC_BOUNCER_LOG_LEVEL=1
- labels:
- - "traefik.enable=false"
- depends_on:
- - crowdsec
+ # CrowdSec bouncer for Traefik (optional - enables automatic IP blocking)
+ # To enable: docker exec crowdsec cscli bouncers add traefik-bouncer
+ # Then add CROWDSEC_API_KEY to environment variables
+ # crowdsec-bouncer-traefik:
+ # image: crowdsecurity/traefik-bouncer:latest
+ # container_name: crowdsec-bouncer-traefik
+ # restart: unless-stopped
+ # networks:
+ # - crowdsec
+ # environment:
+ # - CROWDSEC_BOUNCER_API_KEY=${CROWDSEC_API_KEY}
+ # - CROWDSEC_AGENT_HOST=crowdsec:8080
+ # - CROWDSEC_BOUNCER_LOG_LEVEL=1
+ # labels:
+ # - "traefik.enable=false"
+ # depends_on:
+ # - crowdsec
 # ============================================================================
 # INTERNAL DNS - AdGuard Home
diff --git a/traefik/dynamic/middlewares.yml b/traefik/dynamic/middlewares.yml
index e7084d4..1ba612d 100644
--- a/traefik/dynamic/middlewares.yml
+++ b/traefik/dynamic/middlewares.yml
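Review bot: The commented-out template in docker-compose.yml moves the bouncer image from the pinned `v0.1.0` to `crowdsecurity/traefik-bouncer:latest`, so whoever re-enables it pulls whatever that tag points to at the time; for the component that enforces bans I would keep a fixed tag, e.g. `#   image: crowdsecurity/traefik-bouncer:v0.1.0`, or a digest. The enable steps in the header comment are also incomplete: the middleware in traefik/dynamic/middlewares.yml and the `crowdsec-bouncer@file` entry in traefik/traefik.yml are commented out in the same commit and have to be restored as well, so add a line such as `# Also uncomment crowdsec-bouncer in traefik/dynamic/middlewares.yml and traefik/traefik.yml`. Since `${CROWDSEC_API_KEY}` no longer carries a default, writing it as `${CROWDSEC_API_KEY:?CROWDSEC_API_KEY is required}` would make Compose refuse to start the bouncer with an empty key.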
@@ -119,10 +119,10 @@ http:
 realm: "LemonLink Secured"
 # ============================================================================
- # CROWDSEC MIDDLEWARE
+ # CROWDSEC MIDDLEWARE (enable when using crowdsec-bouncer-traefik container)
 # ============================================================================
- crowdsec-bouncer:
- forwardAuth:
- address: http://crowdsec-bouncer-traefik:8080/api/v1/forwardAuth
- trustForwardHeader: true
+ # crowdsec-bouncer:
+ # forwardAuth:
+ # address: http://crowdsec-bouncer-traefik:8080/api/v1/forwardAuth
+ # trustForwardHeader: true
diff --git a/traefik/traefik.yml b/traefik/traefik.yml
index 0c98d99..0ac5713 100644
--- a/traefik/traefik.yml
+++ b/traefik/traefik.yml
@@ -60,7 +60,7 @@ entryPoints:
 sans:
 - "*.lemonlink.eu"
 middlewares:
- - crowdsec-bouncer@file
+ # - crowdsec-bouncer@file # Enable when using CrowdSec bouncer
 - security-headers@file
 - rate-limit@file
 forwardedHeaders:
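Review bot: The commented-out `crowdsec-bouncer` middleware in traefik/dynamic/middlewares.yml keeps `trustForwardHeader: true` without any caveat, and that setting decides which client address the bouncer evaluates once the block is restored. With it on, forwardAuth passes along the `X-Forwarded-*` headers that arrived with the request, so if the entrypoint accepts those headers from arbitrary clients, the ban lookup can run against a client-supplied address instead of the real peer. The entrypoint's `forwardedHeaders` values are outside this diff, so this is something to confirm rather than a confirmed flaw. I would add a comment above the line, such as `# trustForwardHeader: only safe when the entrypoint's forwardedHeaders.trustedIPs is limited to known proxies`.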
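Review bot: With `crowdsec-bouncer@file` commented out of the entrypoint `middlewares` list in traefik/traefik.yml, requests on this entrypoint are no longer checked against CrowdSec decisions, while the `docker exec crowdsec ...` hint in docker-compose.yml suggests the agent container keeps running. The inline comment should say so, so that a running CrowdSec container is not mistaken for active blocking: `# - crowdsec-bouncer@file  # DISABLED: CrowdSec bans are not enforced until the bouncer and its middleware are enabled`. When it is restored, keep it first in the list as it was, so banned clients are rejected before `rate-limit@file` does any work. The `middlewares` list and the `forwardedHeaders` key after it belong to an entrypoint definition that starts and ends outside the hunk.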