diff --git a/README.md b/README.md
index 3892ebc..4262f09 100644
--- a/README.md
+++ b/README.md
@@ -77,7 +77,7 @@ It is also possible to configure the allowlist via environment variables. The va
 
 If both commandline parameter and environment variable is configured for a particular HTTP method, the environment variable is ignored.
 
-Use Go's regexp syntax to create the patterns for these parameters. To avoid insecure configurations, the characters ^ at the beginning and $ at the end of the string are automatically added. Note: invalid regexp results in program termination.
+Use Go's regexp syntax to create the patterns for these parameters. To avoid insecure configurations, the characters ^ at the beginning and $ at the end of the string are automatically added. Note: invalid regexp results in program termination. It also will be expanded with environment variables.
 
 Examples (command line):
 + `'-allowGET=/v1\..{1,2}/(version|containers/.*|events.*)'` could be used for allowing access to the docker socket for Traefik v2.
diff --git a/internal/config/config.go b/internal/config/config.go
index 7cb7476..82db3ee 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -156,6 +156,11 @@ func InitConfig() (*Config, error) {
 	}
 	flag.Parse()
 
+	for i := range mr {
+		mr[i].regexStringFromParam = os.ExpandEnv(mr[i].regexStringFromParam)
+		mr[i].regexStringFromEnv = os.ExpandEnv(mr[i].regexStringFromEnv)
+	}
+
 	// check listenIP and proxyPort
 	if net.ParseIP(listenIP) == nil {
 		return nil, fmt.Errorf("invalid IP \"%s\" for listenip", listenIP)