diff --git a/docs/root/manual/getting-started/run-signer-node.md b/docs/root/manual/getting-started/run-signer-node.md
index 3c8b80f7d44..7883750b421 100644
--- a/docs/root/manual/getting-started/run-signer-node.md
+++ b/docs/root/manual/getting-started/run-signer-node.md
@@ -370,6 +370,35 @@ acl SSL_port port 443
 # Allowed traffic
 http_access allow relay_internal_ip aggregator_domain SSL_port
 
+# Do not disclose block producer internal IP
+forwarded_for delete
+
+# Turn off via header
+via off
+
+# Deny request for original source of a request
+follow_x_forwarded_for deny all
+
+# Anonymize request headers
+request_header_access Authorization allow all
+request_header_access Proxy-Authorization allow all
+request_header_access Cache-Control allow all
+request_header_access Content-Length allow all
+request_header_access Content-Type allow all
+request_header_access Date allow all
+request_header_access Host allow all
+request_header_access If-Modified-Since allow all
+request_header_access Pragma allow all
+request_header_access Accept allow all
+request_header_access Accept-Charset allow all
+request_header_access Accept-Encoding allow all
+request_header_access Accept-Language allow all
+request_header_access Connection allow all
+request_header_access All deny all
+
+# Disable cache
+cache deny all
+
 # Deny everything else
 http_access deny all
 EOF'
@@ -379,6 +408,7 @@ With this configuration, the proxy will:
 - accept incoming traffic originating from the internal IP of the block-producing machine
 - accept incoming traffic directed to the listening port of the proxy
 - accept incoming HTTPS traffic proxied to `mithril.network` domain hosts
+- anonymize completely the traffic and avoid disclosing any information about the block-producing machine
 - deny all other traffic
 
 Restart the service:
diff --git a/docs/versioned_docs/version-maintained/manual/getting-started/run-signer-node.md b/docs/versioned_docs/version-maintained/manual/getting-started/run-signer-node.md
index 3c8b80f7d44..7883750b421 100644
--- a/docs/versioned_docs/version-maintained/manual/getting-started/run-signer-node.md
+++ b/docs/versioned_docs/version-maintained/manual/getting-started/run-signer-node.md
@@ -370,6 +370,35 @@ acl SSL_port port 443
 # Allowed traffic
 http_access allow relay_internal_ip aggregator_domain SSL_port
 
+# Do not disclose block producer internal IP
+forwarded_for delete
+
+# Turn off via header
+via off
+
+# Deny request for original source of a request
+follow_x_forwarded_for deny all
+
+# Anonymize request headers
+request_header_access Authorization allow all
+request_header_access Proxy-Authorization allow all
+request_header_access Cache-Control allow all
+request_header_access Content-Length allow all
+request_header_access Content-Type allow all
+request_header_access Date allow all
+request_header_access Host allow all
+request_header_access If-Modified-Since allow all
+request_header_access Pragma allow all
+request_header_access Accept allow all
+request_header_access Accept-Charset allow all
+request_header_access Accept-Encoding allow all
+request_header_access Accept-Language allow all
+request_header_access Connection allow all
+request_header_access All deny all
+
+# Disable cache
+cache deny all
+
 # Deny everything else
 http_access deny all
 EOF'
@@ -379,6 +408,7 @@ With this configuration, the proxy will:
 - accept incoming traffic originating from the internal IP of the block-producing machine
 - accept incoming traffic directed to the listening port of the proxy
 - accept incoming HTTPS traffic proxied to `mithril.network` domain hosts
+- anonymize completely the traffic and avoid disclosing any information about the block-producing machine
 - deny all other traffic
 
 Restart the service:
diff --git a/mithril-infra/assets/docker/squid/squid.conf b/mithril-infra/assets/docker/squid/squid.conf
index 47b051e9de5..004c079c44f 100644
--- a/mithril-infra/assets/docker/squid/squid.conf
+++ b/mithril-infra/assets/docker/squid/squid.conf
@@ -3,5 +3,34 @@
 # Listening port (port 3128 is recommended)
 http_port 3128
 
+# Do not disclose block producer internal IP
+forwarded_for delete
+
+# Turn off via header
+via off
+
+# Deny request for original source of a request
+follow_x_forwarded_for deny all
+
+# Anonymize request headers
+request_header_access Authorization allow all
+request_header_access Proxy-Authorization allow all
+request_header_access Cache-Control allow all
+request_header_access Content-Length allow all
+request_header_access Content-Type allow all
+request_header_access Date allow all
+request_header_access Host allow all
+request_header_access If-Modified-Since allow all
+request_header_access Pragma allow all
+request_header_access Accept allow all
+request_header_access Accept-Charset allow all
+request_header_access Accept-Encoding allow all
+request_header_access Accept-Language allow all
+request_header_access Connection allow all
+request_header_access All deny all
+
+# Disable cache
+cache deny all
+
 # Allowed traffic
 http_access allow all
\ No newline at end of file
diff --git a/mithril-infra/assets/infra.version b/mithril-infra/assets/infra.version
index a1e1395acab..84aa3a7dd73 100644
--- a/mithril-infra/assets/infra.version
+++ b/mithril-infra/assets/infra.version
@@ -1 +1 @@
-0.1.7
\ No newline at end of file
+0.1.8
\ No newline at end of file
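Review bot: The `request_header_access` whitelist added to squid.conf acts only on headers Squid itself parses, so for HTTPS tunnelled through CONNECT (the port-443 case the docs ACL permits) the application headers stay inside TLS and are neither inspected nor stripped; unless TLS interception is configured, which nothing here enables, the practical effect of this hunk is that `forwarded_for delete` and `via off` keep Squid from adding its own identifying headers wherever it does emit an HTTP request (plain-HTTP proxying or a parent peer). The bullet added by the matching hunks in docs/root/manual/getting-started/run-signer-node.md and docs/versioned_docs/version-maintained/manual/getting-started/run-signer-node.md ("anonymize completely the traffic") therefore overstates it; `- prevent the proxy from adding identifying headers (Via, X-Forwarded-For) to the requests it forwards` would be accurate. The comment above `follow_x_forwarded_for deny all` reads as if it blocks requests, whereas the directive controls whether Squid trusts a client-supplied X-Forwarded-For as the request source (deny-all is also Squid's default), so `# Do not trust client-supplied X-Forwarded-For as the request source` would describe it. Since `http_access allow all` at the end of this file is kept, these directives only reduce disclosure if reachability of port 3128 is confined to the block-producing machine by other means — the docs variant does this with ACLs, this asset does not.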