Need some suggestion on my traefik config

I am using the below traefik docker compose for reverse proxy. I don't quite understand everything from it at the moment. Just came up with it from a bunch of tutorials. Just wanted to ensure that i am not using anything unwanted in my config or maybe something that could be further added to improve security/performance ?

traefik:
  image: traefik:v3.0
  container_name: traefik
  restart: unless-stopped
  command:
    - --global.sendanonymoususage=false
    - --api=true
    - --entrypoints.web.address=:80
    - --entrypoints.web.http.redirections.entrypoint.to=websecure
    - --entrypoints.web.http.redirections.entrypoint.scheme=https
    - --entrypoints.web.http.redirections.entrypoint.permanent=true
    - --entrypoints.websecure.address=:443
    - --entrypoints.websecure.asDefault=true
    - --entrypoints.websecure.http.tls=true
    - --providers.docker=true
    - --providers.docker.exposedbydefault=false
    - --providers.file.filename=/traefik/config.toml
    - --log.level=DEBUG
  ports:
    - 80:80
    - 443:443
  volumes:
    - /var/run/docker.sock:/var/run/docker.sock:ro
    - /etc/letsencrypt:/etc/letsencrypt
    - /opt/containers/traefik:/traefik
  labels:
    - traefik.enable=true
    - traefik.http.routers.traefik.rule=Host(`traefik.xd003.site`)
    - traefik.http.routers.traefik.service=api@internal
    - traefik.http.routers.traefik.middlewares=authtraefik
    - traefik.http.middlewares.authtraefik.basicauth.users=user:pass

config.toml just contains the path to my certFile & keyFile generated by certbot

whichever docker container, i want to reverse proxy, i just add the following to the label section of docker compose for that particular container

- traefik.enable=true
- traefik.http.routers.container.rule=Host(`$subdomain.domain.com`)
- traefik.http.services.container.loadbalancer.server.port=port