Hi, I’m using traefik 3.5.0 and can’t manage to secure the dashboard with the basicAuth middleware
Using curl I get 401 Unauthorized
But using firefox I can go to the dashboard without auth
The passwd is not cached
I’ve tried with different devices and all let me access the dashboard without auth
If I use Chromium the middleware works
But with firefox I don’t need anything it just let me in
the middleware works on a router for a httpd basic service
my config looks like this :
config.toml
[api]
dashboard = true
disabledashboardad = true
[certificatesResolvers.cloudflare.acme]
email = "example@example.com"
storage = "/var/lib/traefik/acme.json"
[certificatesResolvers.cloudflare.acme.dnsChallenge]
provider = "cloudflare"
resolvers = ["xxx.xxx.xxx.xxx"]
[certificatesResolvers.cloudflare.acme.dnsChallenge.propagation]
delayBeforeChecks = 15
[entryPoints.ext]
address = ":880"
[entryPoints.extSec]
address = ":4443"
[entryPoints.local]
address = ":80"
[entryPoints.localSec]
address = ":443"
[log]
level = "TRACE"
[providers.file]
filename = "dynamic-config.toml"
dynamic-config.toml
[http.middlewares.dashboard-auth.basicAuth]
users = ["user:hashedpasswd"]
[http.routers.httpd]
entryPoints = ["localSec"]
middlewares = ["dashboard-auth"]
rule = "Host(`httpd.example.com`)"
service = "httpd"
[http.routers.httpd.tls]
certResolver = "cloudflare"
[http.routers.traefik]
entryPoints = ["localSec"]
middlewares = ["dashboard-auth"]
rule = "Host(`traefik.example.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))"
service = "api@internal"
[http.routers.traefik.tls]
certResolver = "cloudflare"
[[http.services.httpd.loadBalancer.servers]]
url = "http://192.168.xxx.xxx"
when I go to traefik.example.com the logs shows
Authentication succeeded middlewareName=dashboard-auth@file middlewareType=BasicAuth
I can’t find why it allow the connection even with the higher level of log