diff --git a/caddy/Caddyfile b/caddy/Caddyfile
index 575bd6d..1a62eed 100644
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -23,9 +23,23 @@ ductcalc.pro {
 		dns cloudflare {env.CF_AUTH_TOKEN}
 		resolvers 1.1.1.1
 	}
-
 	log
-	crowdsec
-	appsec
-	reverse_proxy http://ductcalc:8080
+	route {
+		crowdsec
+		appsec
+		reverse_proxy http://ductcalc:8080
+	}
+}
+
+hvac-toolbox.com {
+	tls {
+		dns cloudflare {env.CF_AUTH_TOKEN}
+		resolvers 1.1.1.1
+	}
+	log
+	route {
+		crowdsec
+		appsec
+		reverse_proxy http://hvactoolbox:8080
+	}
 }
diff --git a/compose.yaml b/compose.yaml
index 0c775b9..6d5a2fe 100644
--- a/compose.yaml
+++ b/compose.yaml
@@ -39,6 +39,7 @@ services:
     volumes:
       - crowdsec_db:/var/lib/crowdsec/data/
       - ./crowdsec/acquis.yaml:/etc/crowdsec/acquis.yaml
+      - ./crowdsec/acquis.d:/etc/crowdsec/acquis.d
       - caddy_logs:/var/log/caddy:ro
     networks:
       - proxy
diff --git a/crowdsec/appsec.yaml b/crowdsec/acquis.d/appsec.yaml
similarity index 60%
rename from crowdsec/appsec.yaml
rename to crowdsec/acquis.d/appsec.yaml
index 2494989..32acbcd 100644
--- a/crowdsec/appsec.yaml
+++ b/crowdsec/acquis.d/appsec.yaml
@@ -1,5 +1,6 @@
 appsec_config: crowdsecurity/appsec-default
 labels:
   type: appsec
-listen_addr: 127.0.0.1:7422
+listen_addr: 0.0.0.0:7422
 source: appsec
+name: caddy-appsec-listener