Traefik

Chained ForwardAuth middlewares cause request timeouts and silent failures

critical
configuration
Updated Jan 9, 2026 (via Exa)
Technologies:
How to detect:

When two ForwardAuth-based middlewares (e.g., Authelia SSO and the CrowdSec bouncer plugin) are chained in Traefik v3, requests time out or fail silently, with no error page or auth prompt. Logs show both middlewares executing, but the request context gets corrupted between them. In v3, the second ForwardAuth middleware receives the original request context, not the request as modified by the first middleware.

Recommended action:

Move CrowdSec to the network layer by using the firewall bouncer on the host running Traefik. Install crowdsec-firewall-bouncer-iptables, configure it to poll the CrowdSec API, and remove CrowdSec from Traefik's middleware chain, keeping only Authelia in the Traefik middlewares. Configure the CrowdSec agent to parse Traefik access logs for decision-making.
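
A sketch of the resulting configuration, added here as an illustration and not taken from the original entry or from either project's documentation. The router, service and host names, the Authelia address, the log path and the API key placeholder are assumptions to replace with your own values.

```yaml
# Traefik dynamic configuration (file provider)
http:
  middlewares:
    authelia:
      forwardAuth:
        # Assumed Authelia endpoint; use the one your deployment exposes.
        address: "http://authelia:9091/api/authz/forward-auth"
        trustForwardHeader: true
        authResponseHeaders:
          - "Remote-User"
          - "Remote-Groups"
  routers:
    app:                                  # hypothetical router name
      rule: "Host(`app.example.test`)"    # placeholder host
      service: app
      middlewares:
        # Before: [crowdsec, authelia], the chained pair described above.
        # After: Authelia is the only auth middleware left in the chain.
        - authelia
  services:
    app:
      loadBalancer:
        servers:
          - url: "http://app:8080"        # placeholder backend
---
# Traefik static configuration: write the access log the agent will read
accessLog:
  filePath: "/var/log/traefik/access.log"
---
# /etc/crowdsec/acquis.yaml: CrowdSec agent parses the Traefik access log
filenames:
  - /var/log/traefik/access.log
labels:
  type: traefik
---
# /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml (excerpt)
mode: iptables
api_url: http://127.0.0.1:8080/           # local CrowdSec API, default port
api_key: "<KEY_FROM_cscli_bouncers_add>"  # placeholder, generated per bouncer
update_frequency: 10s                     # how often decisions are polled
```

The firewall bouncer blocks on the source address the host sees, so if Traefik sits behind another proxy or CDN the blocked address must be the real client's, not the proxy's. When Traefik runs in Docker, traffic to published ports does not pass the INPUT chain, so check that the bouncer's `iptables_chains` setting covers `DOCKER-USER`.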