testarena.nabd-co.com {
    # Reverse proxy to TestArena web container
    reverse_proxy testarena_web:5000
    
    # Optional: Enable compression
    encode gzip
    
    # Optional: Add security headers
    header {
        # Enable HSTS
        Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
        # Prevent clickjacking
        X-Frame-Options "SAMEORIGIN"
        # Prevent MIME sniffing
        X-Content-Type-Options "nosniff"
        # Enable XSS protection
        X-XSS-Protection "1; mode=block"
    }
    
    # Optional: Logging
    log {
        output file /var/log/caddy/testarena.log
        format json
    }
}