diff --git a/Plugin/Magento/Framework/App/AreaList.php b/Plugin/Magento/Framework/App/AreaList.php
index 7428d11..c3ae01c 100644
--- a/Plugin/Magento/Framework/App/AreaList.php
+++ b/Plugin/Magento/Framework/App/AreaList.php
@@ -1,4 +1,5 @@
 <?php
+
 /**
  * Copyright © Magento, Inc. All rights reserved.
  * See COPYING.txt for license details.
@@ -8,12 +9,22 @@
 namespace Magento\UpwardConnector\Plugin\Magento\Framework\App;
 
 use Magento\Framework\App\Config\ScopeConfigInterface;
+use Magento\Framework\App\Request\Http as Request;
 use Magento\Framework\App\ObjectManager;
 use Magento\Store\Model\ScopeInterface;
 use Magento\UpwardConnector\Api\UpwardPathManagerInterface;
 
 class AreaList
 {
+    public const UPWARD_HEADER = 'UpwardProxied';
+
+    public const UPWARD_ENV_HEADER = 'UPWARD_PHP_PROXY_HEADER';
+
+    /**
+     * @var \Magento\Framework\App\Request\Http
+     */
+    private $request;
+
     /**
      * @var ScopeConfigInterface
      */
@@ -30,13 +41,16 @@ class AreaList
     const UPWARD_CONFIG_PATH_FRONT_NAMES_TO_SKIP = 'web/upward/front_names_to_skip';
 
     /**
+     * @param Request $httpRequest
      * @param \Magento\Framework\App\Config\ScopeConfigInterface $scopeConfig
      * @param \Magento\UpwardConnector\Api\UpwardPathManagerInterface|null $pathManager
      */
     public function __construct(
+        Request $httpRequest,
         ScopeConfigInterface $scopeConfig,
         ?UpwardPathManagerInterface $pathManager = null
     ) {
+        $this->request = $httpRequest;
         $this->scopeConfig = $scopeConfig;
         $this->pathManager = $pathManager ?: ObjectManager::getInstance()->get(UpwardPathManagerInterface::class);
     }
@@ -56,7 +70,6 @@ public function afterGetCodeByFrontName(
         $result,
         $frontName
     ) {
-
         if ($result !== 'frontend') {
             return $result;
         }
@@ -73,6 +86,13 @@ public function afterGetCodeByFrontName(
             ) ?? ''
         );
 
+        $upwardProxyEnv = getenv(self::UPWARD_ENV_HEADER);
+
+        /** $upwardProxyEnv needs to be truthy because getenv returns "false" if it didn't find it */
+        if ($upwardProxyEnv && $this->request->getHeader(self::UPWARD_HEADER) === $upwardProxyEnv) {
+            return $result;
+        }
+
         if ($frontName && in_array($frontName, $frontNamesToSkip)) {
             return $result;
         }
diff --git a/README.md b/README.md
index 9a50836..8e15609 100644
--- a/README.md
+++ b/README.md
@@ -19,6 +19,20 @@ The Magento 2 UPWARD connector has additional settings that can be configured in
 
 These are the configurations for the UPWARD process itself.
 
+#### UPWARD Environment variable
+
+This environment variable is meant to allow a secure way for Magento2 to distinguish a request which went through the UPWARD Proxy, and a "natural" request.
+
+```
+# bash
+export UPWARD_PHP_PROXY_HEADER='arbitrary_security_string' # preferably random, unique and longer than 16 characters
+
+# nginx conf
+fastcgi_param  UPWARD_PHP_PROXY_HEADER "arbitrary_security_string";
+
+```
+
+
 #### UPWARD Config File
 
 This configuration is the location of the UPWARD configuration file for the UPWARD-PHP server.