diff --git a/apps/api/src/index.ts b/apps/api/src/index.ts
index 4b3b3998f..7eb745ae1 100644
--- a/apps/api/src/index.ts
+++ b/apps/api/src/index.ts
@@ -96,6 +96,12 @@ fastify.register(autoLoad, {
 
 fastify.register(cookie)
 fastify.register(cors);
+fastify.addHook('onRequest', async (request, reply) => {
+	console.log({ host: request.headers.host, origin: request.headers.origin })
+	if (!request.headers.origin && !request.headers.host.startsWith('host.docker.internal')) {
+		throw new Error('Invalid origin');
+	}
+})
 fastify.listen({ port, host }, async (err: any, address: any) => {
 	if (err) {
 		console.error(err);
diff --git a/apps/api/src/lib/common.ts b/apps/api/src/lib/common.ts
index 90b35cd12..45f513550 100644
--- a/apps/api/src/lib/common.ts
+++ b/apps/api/src/lib/common.ts
@@ -21,7 +21,7 @@ import { scheduler } from './scheduler';
 import { supportedServiceTypesAndVersions } from './services/supportedVersions';
 import { includeServices } from './services/common';
 
-export const version = '3.9.0';
+export const version = '3.9.1';
 export const isDev = process.env.NODE_ENV === 'development';
 
 const algorithm = 'aes-256-ctr';
diff --git a/apps/api/src/routes/webhooks/traefik/index.ts b/apps/api/src/routes/webhooks/traefik/index.ts
index f9c7ff4b8..3769c8eb3 100644
--- a/apps/api/src/routes/webhooks/traefik/index.ts
+++ b/apps/api/src/routes/webhooks/traefik/index.ts
@@ -1,4 +1,5 @@
 import { FastifyPluginAsync } from 'fastify';
+import { OnlyId } from '../../../types';
 import { remoteTraefikConfiguration, traefikConfiguration, traefikOtherConfiguration } from './handlers';
 import { TraefikOtherConfiguration } from './types';
 
@@ -6,7 +7,7 @@ const root: FastifyPluginAsync = async (fastify): Promise<void> => {
     fastify.get('/main.json', async (request, reply) => traefikConfiguration(request, reply));
     fastify.get<TraefikOtherConfiguration>('/other.json', async (request, reply) => traefikOtherConfiguration(request));
 
-    fastify.get('/remote/:id', async (request) => remoteTraefikConfiguration(request));
+    fastify.get<OnlyId>('/remote/:id', async (request) => remoteTraefikConfiguration(request));
 };
 
 export default root;
diff --git a/package.json b/package.json
index 2e6c23ed4..fc5b41203 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "coolify",
   "description": "An open-source & self-hostable Heroku / Netlify alternative.",
-  "version": "3.9.0",
+  "version": "3.9.1",
   "license": "Apache-2.0",
   "repository": "github:coollabsio/coolify",
   "scripts": {