diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index 47e4ea4..3003530 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -6,20 +6,19 @@ services:
     command: "--http=0.0.0.0:8090 --dir=/htwkalender/data/pb_data"
     pull_policy: always
     restart: always
-    # open port 8090
-    ports:
-      - "8090:8090"
     volumes:
       - pb_data:/htwkalender/data
+    networks:
+      - "net"
 
   htwkalender-frontend:
     image: DOCKER_REGISTRY_REPO:frontend # DOCKER_REGISTRY_REPO will be replaced by CI
     pull_policy: always
     restart: always
-    ports:
-      - "8000:8000"
     depends_on:
       - htwkalender-backend
+    networks:
+      - "net"
 
   rproxy:
     image: bitnami/nginx:1.25
@@ -31,6 +30,12 @@ services:
       - htwkalender-frontend
     ports:
       - "80:80"
+    networks:
+      - "net"
 
 volumes:
   pb_data:
+
+networks:
+  net:
+    external: true
\ No newline at end of file
diff --git a/reverseproxy.conf b/reverseproxy.conf
index 79e4081..04f63a6 100644
--- a/reverseproxy.conf
+++ b/reverseproxy.conf
@@ -34,6 +34,10 @@ http {
     set_real_ip_from 2405:8100::/32;
     set_real_ip_from 2a06:98c0::/29;
     set_real_ip_from 2c0f:f248::/32;
+
+    # Docker IP Ranges (https://docs.docker.com/network/iptables/)
+    set_real_ip_from 172.16.0.0/12;
+
     real_ip_header CF-Connecting-IP;
 
     access_log  /opt/bitnami/nginx/logs/proxy_access.log;
@@ -204,6 +208,8 @@ http {
             if ($admin) {
                 return 404 "Not Found";
             }
+            # Increase upload file size
+            client_max_body_size 100m;
         }
 
         location / {