diff --git a/README.md b/README.md
index a705d65..c932598 100644
--- a/README.md
+++ b/README.md
@@ -142,6 +142,8 @@ can expose some information that your service does not need.
 | `TASKS`        | `NETWORKS_PRUNE`      |                     |
 | `VOLUMES`      | `NETWORKS_CONNECT`    |                     |
 |                | `NETWORKS_DISCONNECT` |                     |
+|                | `IMAGES_CREATE`       |                     |
+|                | `IMAGES_PRUNE`        |                     |
 
 `ALLOW_RESTARTS` allows to `kill`, `stop` and `restart` containers
 
diff --git a/haproxy.cfg b/haproxy.cfg
index bdf4c83..7d77bd7 100644
--- a/haproxy.cfg
+++ b/haproxy.cfg
@@ -82,6 +82,8 @@ frontend dockerfrontend
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/volumes/prune } { env(VOLUMES_PRUNE) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/networks/create } { env(NETWORKS_CREATE) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/networks/prune } { env(NETWORKS_PRUNE) -m bool }
+    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/images/create } { env(IMAGES_CREATE) -m bool }
+    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/images/prune } { env(IMAGES_PRUNE) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/networks/[a-zA-Z0-9_.-]+/connect } { env(NETWORKS_CONNECT) -m bool } 
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/networks/[a-zA-Z0-9_.-]+/disconnect } { env(NETWORKS_DISCONNECT) -m bool }