# Dashboard Security Fix

## Problem
The Traefik dashboard at http://quixy.uk:8080/dashboard/#/ was not password protected, showing all requests publicly.

## Root Cause
Two configuration files had `insecure: true` settings that disabled authentication:
1. `docker-compose.yml` - `--api.insecure=true` command argument
2. `traefik.yml` - `insecure: true` in api section

## Solution Applied
Fixed both configuration files:
- Changed `--api.insecure=true` to `--api.insecure=false` in docker-compose.yml
- Changed `insecure: true` to `insecure: false` in traefik.yml

## Authentication Details
Dashboard now uses basic HTTP authentication with credentials already configured:
- Username: admin
- Password: password (hash stored in TRAEFIK_AUTH environment variable)

## To Apply Changes
Run: `docker-compose down && docker-compose up -d`

## Files Modified
- docker-compose.yml:25 (insecure flag)
- traefik.yml:18 (insecure setting)