Hi,
Currently running Traefik 2.2. I am using docker-compose.yml, traefik.yml and dynamic.yml as a file provider.
I have created 2 middlewares, one to provide basic authentication and the other to provide security headers. Here is what they look like in the dynamic.yml file:
http:
middlewares:
testauth:
basicAuth:
users:
- "user:password"
security:
headers:
forceSTSHeader: true
frameDeny: true
sslRedirect: true
stsPreload: true
contentTypeNosniff: true
browserXssFilter: true
stsIncludeSubdomains: true
stsSeconds: 315360000
Separately they work great but I cannot get them to apply together to a router. I have tried with a chain in my dynamic.yml:
allin:
chain:
middlewares:
- security
- testauth
and then the following in the docker-compose file:
- "traefik.http.routers.whoami.middlewares=allin@file"
When I check in my dashboard the chain is correctly applied but the headers middleware is not being applied, only basicAuth
So I tried by calling both middleware by their labels in the docker-compose.yml
- "traefik.http.routers.whoami.middlewares=security@file,testauth@file"
Still the headers doesn't get applied even if they are both shown as being applied to the router in the dashboard.
I must be missing something obvious but I couldn't find a solution.Could it be that the testing results I am receiving from websites such as ssl labs are wrong because of the authentication being applied so they never get to read the headers?
Thanks in advance. Apologies for the formatting, trying to fix it.