diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index e83da1ae..bb3a8d34 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -4,12 +4,63 @@ updates:
 - package-ecosystem: "github-actions"
 directory: "/"
 schedule:
- interval: "daily"
+ interval: "weekly"
 - package-ecosystem: docker
 directory: /
 schedule:
- interval: "daily"
- - package-ecosystem: gomod
- directory: /
+ interval: "weekly"
+ - # Servers data dependency that should be updated as soon as
+ # possible when a new version is released, to have the latest
+ # servers available
+ package-ecosystem: "gomod"
+ directory: "/"
 schedule:
 interval: "daily"
+ allow:
+ - dependency-name: "github.com/qdm12/gluetun-servers"
+ - # non important dependencies that do not need to be updated.
+ package-ecosystem: gomod
+ directory: /
+ schedule:
+ interval: "quarterly"
+ allow:
+ - dependency-name: "github.com/breml/rootcerts"
+ - dependency-name: "github.com/fatih/color"
+ - dependency-name: "github.com/golang/mock"
+ - dependency-name: "github.com/klauspost/compress"
+ - dependency-name: "github.com/klauspost/pgzip"
+ - dependency-name: "github.com/pelletier/go-toml/v2"
+ - dependency-name: "github.com/qdm12/goshutdown"
+ - dependency-name: "github.com/qdm12/gosplash"
+ - dependency-name: "github.com/qdm12/gotree"
+ - dependency-name: "github.com/qdm12/log"
+ - dependency-name: "github.com/stretchr/testify"
+ - dependency-name: "github.com/ulikunitz/xz"
+ - dependency-name: "gopkg.in/ini.v1"
+ - # The rest of Go modules are important and should be checked every week,
+ # instead of daily, to give a bit of time to avoid supply chain attacks.
+ package-ecosystem: gomod
+ directory: /
+ schedule:
+ interval: "weekly"
+ ignore:
+ - # In particular avoid amneziawg-go which have v1.x.y versions available
+ # on the Go modules proxy, but are not in the Github repository tags
+ # and are not the latest releases either. Most likely a mistake from the
+ # maintainers, which is persisted on the Go proxy.
+ dependency-name: "github.com/amnezia-vpn/amneziawg-go"
+ versions: ["1.x"]
+ - dependency-name: "github.com/qdm12/gluetun-servers"
+ - dependency-name: "github.com/breml/rootcerts"
+ - dependency-name: "github.com/fatih/color"
+ - dependency-name: "github.com/golang/mock"
+ - dependency-name: "github.com/klauspost/compress"
+ - dependency-name: "github.com/klauspost/pgzip"
+ - dependency-name: "github.com/pelletier/go-toml/v2"
+ - dependency-name: "github.com/qdm12/goshutdown"
+ - dependency-name: "github.com/qdm12/gosplash"
+ - dependency-name: "github.com/qdm12/gotree"
+ - dependency-name: "github.com/qdm12/log"
+ - dependency-name: "github.com/stretchr/testify"
+ - dependency-name: "github.com/ulikunitz/xz"
+ - dependency-name: "gopkg.in/ini.v1"
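Review bot: The comment on the last `gomod` entry says the weekly schedule is there "to give a bit of time to avoid supply chain attacks", but `interval: "weekly"` only sets how often Dependabot checks, so a release published shortly before the weekly run is still proposed right away. If a minimum release age is the goal, a `cooldown:` block with e.g. `default-days: 7` (example value) on that entry states it directly. The 13 module names in the quarterly `allow` list are repeated in the weekly `ignore` list and must be kept in sync by hand; a module that ends up only in `ignore` would silently stop receiving version updates, so a comment on each list such as `# keep in sync with the quarterly allow list` would help. It is also worth confirming that GitHub accepts three `gomod` entries for directory `/` on the same target branch, since Dependabot has historically required that combination to be unique.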