and - "traefik.http.routers.adminsec.middlewares=secHeaders@file"
to both containers labels and traefik labels still shows a B grade on ssl labs, indicating something is overriding this configuration.
I believe this may be due to the webserver is still supplying the default traefik cert when no sni is sent to the domain. (but when sni is sent to the domain, I think it responds with correct cyphers, however, I am unsure how to test this).
https://adminsecurity.guru/traefik-v2-ssllabs-A-plus/
adding
--providers.file.filename=/etc/traefik/dynamic.yml
and
- "traefik.http.routers.adminsec.middlewares=secHeaders@file"
to both containers labels and traefik labels still shows a B grade on ssl labs, indicating something is overriding this configuration.
I believe this may be due to the webserver is still supplying the default traefik cert when no sni is sent to the domain. (but when sni is sent to the domain, I think it responds with correct cyphers, however, I am unsure how to test this).