Hi, thanks for your response.
I already have a reverse proxy running in front of Bitwarden’s Docker setup: HAProxy.
I finally added a rule to filter requests based on Referer-Header and rewrite requests coming from Bitwarden accordingly. Might not be the most secure option, but since I’m in a private network I think it’s okay.