diff --git a/.env b/.env index 8b6f64d..275aa33 100644 --- a/.env +++ b/.env @@ -19,7 +19,7 @@ # TRAEFIK_CERTRESOLVER=letsencrypt # Middleware de autenticación (SSO, etc.) -# TRAEFIK_AUTH_MIDDLEWARE=authentik@docker +# TRAEFIK_AUTH_MIDDLEWARE=ths-authentik@docker # Dominios de ejemplo (cámbialos por los tuyos) # PORTAINER_DOMAIN=portainer.example.com diff --git a/README.md b/README.md index 7b1ce22..1ab81fa 100644 --- a/README.md +++ b/README.md @@ -165,7 +165,7 @@ Variables principales a configurar: - `PORTAINER_DOMAIN`: Tu dominio para Portainer UI (ej: `portainer.tudominio.com`) - `PORTAINER_API_DOMAIN`: Tu dominio para la API de Portainer (ej: `portainer-api.tudominio.com`) - `PORTAINER_API_IP_WHITELIST`: IPs permitidas para acceso directo a la API -- `TRAEFIK_AUTH_MIDDLEWARE`: Middleware de autenticación (ej: `authentik@docker`) +- `TRAEFIK_AUTH_MIDDLEWARE`: Middleware de autenticación (ej: `ths-authentik@docker`) ### Paso 10: Actualizar Stack de Portainer (Opcional) @@ -250,7 +250,7 @@ PORTAINER_API_DOMAIN=portainer-api.example.com # Seguridad PORTAINER_API_IP_WHITELIST=10.8.0.0/24,172.18.0.1/32 -TRAEFIK_AUTH_MIDDLEWARE=authentik@docker +TRAEFIK_AUTH_MIDDLEWARE=ths-authentik@docker ``` ### Configuraciones por Stack diff --git a/Traefik/README.md b/Traefik/README.md index 5114649..74e4860 100644 --- a/Traefik/README.md +++ b/Traefik/README.md @@ -121,7 +121,7 @@ labels: traefik.http.routers.dashboard.entrypoints: "websecure" traefik.http.routers.dashboard.tls.certresolver: "letsencrypt" traefik.http.routers.dashboard.service: "api@internal" - traefik.http.routers.dashboard.middlewares: "authentik@docker" + traefik.http.routers.dashboard.middlewares: "ths-authentik@docker" ``` **Opción 2: Acceso local (inseguro - solo desarrollo)** 
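Review bot: The file patched in the first hunk is a tracked `.env` at the repository root, which is the same file Compose reads real values from, so real domains, IP allow-lists or credentials can easily be committed later. Every line visible in the hunk is a commented example, and whether the file is meant purely as a template cannot be seen here. If it is, consider shipping it as `.env.example` and adding `.env` to `.gitignore`. The example value now depends on the middleware name defined in authentik/docker-compose.yml, so a comment such as `# Must match the forwardAuth middleware name defined in authentik/docker-compose.yml` above `TRAEFIK_AUTH_MIDDLEWARE` would make that dependency explicit.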
@@ -165,7 +165,7 @@ services: traefik.http.services.mi-servicio.loadbalancer.server.port: "80" # Middleware (opcional) - traefik.http.routers.mi-servicio.middlewares: "authentik@docker" + traefik.http.routers.mi-servicio.middlewares: "ths-authentik@docker" networks: proxy: @@ -180,7 +180,7 @@ labels: traefik.http.routers.app-ui.rule: "Host(`app.tudominio.com`)" traefik.http.routers.app-ui.entrypoints: "websecure" traefik.http.routers.app-ui.tls.certresolver: "letsencrypt" - traefik.http.routers.app-ui.middlewares: "authentik@docker" + traefik.http.routers.app-ui.middlewares: "ths-authentik@docker" traefik.http.routers.app-ui.priority: "10" # API pública sin protección diff --git a/adguard/README.md b/adguard/README.md index cd6ec81..7062575 100644 --- a/adguard/README.md +++ b/adguard/README.md @@ -89,7 +89,7 @@ ADGUARD_CERT_KEY_PATH=/opt/adguard/certs/adguard.key TRAEFIK_DOCKER_NETWORK=proxy TRAEFIK_ENTRYPOINT_SECURE=websecure TRAEFIK_CERTRESOLVER=letsencrypt -TRAEFIK_AUTH_MIDDLEWARE=authentik@docker +TRAEFIK_AUTH_MIDDLEWARE=ths-authentik@docker ``` ## ⚙️ Configuración Post-Instalación diff --git a/authentik/README.md b/authentik/README.md index 589bad5..4bedb6c 100644 --- a/authentik/README.md +++ b/authentik/README.md @@ -203,7 +203,7 @@ Una vez configurado el middleware, añade la label a los servicios que quieras p ```yaml labels: - traefik.http.routers.portainer.middlewares: "authentik@docker" + traefik.http.routers.portainer.middlewares: "ths-authentik@docker" ``` O si definiste el middleware en archivo: diff --git a/authentik/docker-compose.yml b/authentik/docker-compose.yml index d6cf412..2278071 100644 --- a/authentik/docker-compose.yml +++ b/authentik/docker-compose.yml 
@@ -67,7 +67,7 @@ services: traefik.http.routers.ths-authentik.tls.certresolver: "${TRAEFIK_CERTRESOLVER}" traefik.http.routers.ths-authentik.service: "ths-authentik" - # Middleware forwardAuth (para proteger otros servicios) -> usar ths-authentik@docker en tus stacks THS + # Middleware forwardAuth (para proteger otros servicios) -> usar ths-ths-authentik@docker en tus stacks THS traefik.http.middlewares.ths-authentik.forwardauth.address: "http://ths-authentik-server:${AUTHENTIK_HTTP_PORT}/outpost.goauthentik.io/auth/traefik" traefik.http.middlewares.ths-authentik.forwardauth.trustForwardHeader: "true" traefik.http.middlewares.ths-authentik.forwardauth.authResponseHeaders: "X-Authentik-Username,X-Authentik-Groups,X-Authentik-Email,X-Authentik-Uid,X-Authentik-Jwt" diff --git a/docker-compose.yml b/docker-compose.yml index dd87b5e..8660512 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -35,7 +35,7 @@ services: traefik.http.routers.portainer.rule: "Host(`${PORTAINER_DOMAIN:-portainer.example.com}`)" traefik.http.routers.portainer.entrypoints: "${TRAEFIK_ENTRYPOINT_SECURE:-websecure}" traefik.http.routers.portainer.tls.certresolver: "${TRAEFIK_CERTRESOLVER:-letsencrypt}" - traefik.http.routers.portainer.middlewares: "${TRAEFIK_AUTH_MIDDLEWARE:-authentik@docker}" + traefik.http.routers.portainer.middlewares: "${TRAEFIK_AUTH_MIDDLEWARE:-ths-authentik@docker}" traefik.http.services.portainer.loadbalancer.server.port: "${PORTAINER_HTTP_PORT:-9000}" ######################################################### diff --git a/media-server/README.md b/media-server/README.md index 19e57ac..21a69cd 100644 --- a/media-server/README.md +++ b/media-server/README.md @@ -81,7 +81,7 @@ TRAEFIK_ENABLE=true TRAEFIK_ENTRYPOINTS=websecure TRAEFIK_TLS=true TRAEFIK_CERTRESOLVER=letsencrypt -AUTH_MIDDLEWARE=authentik@docker +AUTH_MIDDLEWARE=ths-authentik@docker # Dominios - Personaliza según tu dominio DOMAIN=tudominio.com 
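Review bot: The comment edited in the authentik/docker-compose.yml hunk now tells readers to use `ths-ths-authentik@docker`, but the labels directly below it define the middleware as `ths-authentik` (`traefik.http.middlewares.ths-authentik.forwardauth.address`). The old text was already correct and the search-and-replace doubled the prefix; the line should be restored to `# Middleware forwardAuth (para proteger otros servicios) -> usar ths-authentik@docker en tus stacks THS`. A stack that copies the doubled name would reference a middleware that does not exist; Traefik normally refuses to serve such a router rather than serving it unauthenticated, but confirm that for the deployed version. Separately, `forwardauth.trustForwardHeader: "true"` in the context lines is only safe if the entry point does not accept `X-Forwarded-*` headers from arbitrary clients, which is not visible in this hunk.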
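Review bot: The new default in `traefik.http.routers.portainer.middlewares` (root docker-compose.yml hunk) applies only when `TRAEFIK_AUTH_MIDDLEWARE` is unset or empty, so a deployment whose `.env` still sets `authentik@docker` keeps pointing the Portainer router at the old name. If the middleware is now published only as `ths-authentik`, that router would reference a missing middleware, so the upgrade notes should tell operators to update the variable. A comment above the label, e.g. `# Must match the middleware name defined in authentik/docker-compose.yml`, would document this cross-stack dependency. The service definition starts and ends outside this hunk.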
@@ -188,7 +188,7 @@ En **Sonarr** y **Radarr**: ### 8. Integración con Authentik (SSO) -Todos los servicios están protegidos con Authentik por defecto mediante el middleware `authentik@docker`. +Todos los servicios están protegidos con Authentik por defecto mediante el middleware `ths-authentik@docker`. Para personalizar el acceso: diff --git a/media-server/docker-compose.yml b/media-server/docker-compose.yml index 90a5486..7789cd7 100644 --- a/media-server/docker-compose.yml +++ b/media-server/docker-compose.yml @@ -38,7 +38,7 @@ services: - traefik.http.routers.prowlarr.entrypoints=websecure - traefik.http.routers.prowlarr.tls=true - traefik.http.routers.prowlarr.tls.certresolver=letsencrypt - - traefik.http.routers.prowlarr.middlewares=authentik@docker + - traefik.http.routers.prowlarr.middlewares=ths-authentik@docker - traefik.http.services.prowlarr.loadbalancer.server.port=9696 jackett: @@ -61,7 +61,7 @@ services: - traefik.http.routers.jackett.entrypoints=websecure - traefik.http.routers.jackett.tls=true - traefik.http.routers.jackett.tls.certresolver=letsencrypt - - traefik.http.routers.jackett.middlewares=authentik@docker + - traefik.http.routers.jackett.middlewares=ths-authentik@docker - traefik.http.services.jackett.loadbalancer.server.port=9117 sonarr: @@ -86,7 +86,7 @@ services: - traefik.http.routers.sonarr.entrypoints=websecure - traefik.http.routers.sonarr.tls=true - traefik.http.routers.sonarr.tls.certresolver=letsencrypt - - traefik.http.routers.sonarr.middlewares=authentik@docker + - traefik.http.routers.sonarr.middlewares=ths-authentik@docker - traefik.http.services.sonarr.loadbalancer.server.port=8989 radarr: 
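Review bot: The prowlarr label in media-server/docker-compose.yml hard-codes `ths-authentik@docker`, while media-server/README.md documents an `AUTH_MIDDLEWARE` variable for the same value and the root docker-compose.yml reads its middleware from `${TRAEFIK_AUTH_MIDDLEWARE:-…}`. As far as these hunks show, changing `AUTH_MIDDLEWARE` has no effect on the routers. Consider `- traefik.http.routers.prowlarr.middlewares=${AUTH_MIDDLEWARE:-ths-authentik@docker}`, so that a rename like this one is a single-variable change and no router is left on a stale middleware name. The same applies to the jackett, sonarr, radarr, jellyseerr and jellyfin hunks of this file. Each service block extends beyond its hunk.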
@@ -111,7 +111,7 @@ services: - traefik.http.routers.radarr.entrypoints=websecure - traefik.http.routers.radarr.tls=true - traefik.http.routers.radarr.tls.certresolver=letsencrypt - - traefik.http.routers.radarr.middlewares=authentik@docker + - traefik.http.routers.radarr.middlewares=ths-authentik@docker - traefik.http.services.radarr.loadbalancer.server.port=7878 jellyseerr: @@ -133,7 +133,7 @@ services: - traefik.http.routers.jellyseerr.entrypoints=websecure - traefik.http.routers.jellyseerr.tls=true - traefik.http.routers.jellyseerr.tls.certresolver=letsencrypt - - traefik.http.routers.jellyseerr.middlewares=authentik@docker + - traefik.http.routers.jellyseerr.middlewares=ths-authentik@docker - traefik.http.services.jellyseerr.loadbalancer.server.port=5055 # Opcional: Jellyfin en VPS (sin GPU) @@ -161,6 +161,6 @@ services: - traefik.http.routers.jellyfin.entrypoints=websecure - traefik.http.routers.jellyfin.tls=true - traefik.http.routers.jellyfin.tls.certresolver=letsencrypt - - traefik.http.routers.jellyfin.middlewares=authentik@docker + - traefik.http.routers.jellyfin.middlewares=ths-authentik@docker - traefik.http.services.jellyfin.loadbalancer.server.port=8096 diff --git a/ruleta/README.md b/ruleta/README.md index 9424271..7a64920 100644 --- a/ruleta/README.md +++ b/ruleta/README.md @@ -135,10 +135,10 @@ Edita el `docker-compose.yml` y descomenta: ```yaml labels: # Para subdominio - traefik.http.routers.ruleta-sub.middlewares: "authentik@docker" + traefik.http.routers.ruleta-sub.middlewares: "ths-authentik@docker" # Para path (requiere cadena de middlewares) - traefik.http.routers.ruleta-path.middlewares: "authentik@docker,ruleta-strip@docker" + traefik.http.routers.ruleta-path.middlewares: "ths-authentik@docker,ruleta-strip@docker" ``` ### Opción 2: Proteger Solo Ciertas Rutas 
@@ -152,7 +152,7 @@ traefik.http.routers.ruleta-public.priority: "20" # Router para rutas protegidas traefik.http.routers.ruleta-private.rule: "Host(`ruleta.tudominio.com`) && PathPrefix(`/admin`)" -traefik.http.routers.ruleta-private.middlewares: "authentik@docker" +traefik.http.routers.ruleta-private.middlewares: "ths-authentik@docker" traefik.http.routers.ruleta-private.priority: "30" ``` diff --git a/ruleta/docker-compose.yml b/ruleta/docker-compose.yml index c101688..598cb2d 100644 --- a/ruleta/docker-compose.yml +++ b/ruleta/docker-compose.yml @@ -48,8 +48,8 @@ services: # Proteger con Authentik (si quieres habilitarlo) # OJO: si lo activas, ponlo en ambos routers o usa una cadena. - # traefik.http.routers.ruleta-sub.middlewares: "authentik@docker" - # traefik.http.routers.ruleta-path.middlewares: "authentik@docker,ruleta-strip@docker" + # traefik.http.routers.ruleta-sub.middlewares: "ths-authentik@docker" + # traefik.http.routers.ruleta-path.middlewares: "ths-authentik@docker,ruleta-strip@docker" networks: proxy: diff --git a/wireguard/README.md b/wireguard/README.md index aad47be..f2ce84a 100644 --- a/wireguard/README.md +++ b/wireguard/README.md @@ -83,7 +83,7 @@ WG_DOMAIN=vpn-admin.tudominio.com TRAEFIK_DOCKER_NETWORK=proxy TRAEFIK_ENTRYPOINT_SECURE=websecure TRAEFIK_CERTRESOLVER=letsencrypt -TRAEFIK_AUTH_MIDDLEWARE=authentik@docker +TRAEFIK_AUTH_MIDDLEWARE=ths-authentik@docker ``` > **⚠️ Importante**:
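Review bot: In the ruleta/docker-compose.yml hunk both middleware labels stay commented out, so as shipped neither `ruleta-sub` nor `ruleta-path` goes through Authentik. The existing warning says to enable both but not why. Both routers appear to lead to the same service, so protecting only one would leave the other as an unauthenticated route to it. The comment could say so, e.g. `# Enabling the middleware on only one router leaves the other as an unauthenticated path to the same service`. The service block starts outside the hunk.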