diff --git a/README.md b/README.md
index 81bf09c..8c1aceb 100644
--- a/README.md
+++ b/README.md
@@ -128,6 +128,8 @@ extremely critical but can expose some information that your service does not ne
 -   `ALLOW_START` (containers/`id`/`start`)
 -   `ALLOW_STOP` (containers/`id`/`stop`)
 -   `ALLOW_RESTARTS` (containers/`id`/`stop`|`restart`|`kill`)
+-   `ALLOW_PAUSE` (containers/`id`/`pause`)
+-   `ALLOW_UNPAUSE` (containers/`id`/`unpause`)
 -   `DISTRIBUTION`
 -   `EXEC`
 -   `GRPC`
diff --git a/haproxy.cfg b/haproxy.cfg
index 9d0da3e..d61b1d4 100644
--- a/haproxy.cfg
+++ b/haproxy.cfg
@@ -51,6 +51,8 @@ frontend dockerfrontend
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/((stop)|(restart)|(kill)) } { env(ALLOW_RESTARTS) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/start } { env(ALLOW_START) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/stop } { env(ALLOW_STOP) -m bool }
+    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/pause } { env(ALLOW_PAUSE) -m bool }
+    http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/unpause } { env(ALLOW_UNPAUSE) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/auth } { env(AUTH) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/build } { env(BUILD) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/commit } { env(COMMIT) -m bool }