[keycloak-user] Securing keycloak

Hi list, Beside /auth/admin, are there any other URI that should be secured/restricted to limit attack surface for a public facing keycloak ? By the way, could it be useful to add a dedicated configuration entry directly inside keycloak to restrict IPs allowed to make to low-level actions ? Thanks, Ionel -- 232 avenue Napoleon BONAPARTE 92500 RUEIL MALMAISON Capital EUR 219 300,00 - RCS Nanterre B 408 832 301 - TVA FR 09 408 832 301