diff --git a/haproxy-acme.nix b/haproxy-acme.nix
index 69ebf9c..cb9ca95 100644
--- a/haproxy-acme.nix
+++ b/haproxy-acme.nix
@@ -59,9 +59,11 @@ frontend public
   bind :::443 v4v6 ssl crt /var/lib/acme/${cfg.domaine}/full.pem alpn h2,http/1.1
   mode http
   acl letsencrypt-acl path_beg /.well-known/acme-challenge/
+  acl haproxy-acl path_beg /haproxy
   redirect scheme https code 301 if !{ ssl_fc } !letsencrypt-acl
   http-response set-header Strict-Transport-Security max-age=15768000
   use_backend letsencrypt-backend if letsencrypt-acl
+  use_backend haproxy_stats if haproxy-acl
 
 ${concatStrings (
   mapAttrsToList (name: value:
@@ -72,6 +74,12 @@ ${concatStrings (
 backend letsencrypt-backend
   mode http
   server letsencrypt 127.0.0.1:${toString nginx_port}
+backend haproxy_stats
+  mode http
+  stats enable
+  stats hide-version
+  acl AuthOK_LOUTRE http_auth(LOUTRE)
+  http-request auth realm LOUTRE if !AuthOK_LOUTRE
 
 ${concatStrings (
   mapAttrsToList (name: value: