Changed As it is the default configuration for Roundcube it is working like intended and we could leave it like this? I don't think its a rare use case but maybe it could be added to the documentation (which I always found very helpful).

@girish Went ahead and tried it and it works beautifully! Took a matter of seconds for it to load all my feeds. Really appreciate y'all's work on this. I'm becoming a bigger Cloudron fan by the minute

@ahkg the reason for whitelisting 172.18.0.1 give access to all requests, is that this is the ip of the Cloudron internal gateway into the subnet where all apps are running. Unfortunately for your case the cloudron healtcheck also comes via this gateway. I think your htaccess file needs to check for the X-Forwarded-For header to check against the correct inbound address.

Oh I pasted the wrong link apparently, fixed it now.