1# The Dashboard 2 3See What's Going On 4{: .subtitle } 5 6The dashboard is the central place that shows you the current active routes handled by Traefik. 7 8<figure> 9 <img src="../../assets/img/webui-dashboard.png" alt="Dashboard - Providers" /> 10 <figcaption>The dashboard in action</figcaption> 11</figure> 12 13The dashboard is available at the same location as the [API](./api.md) but on the path `/dashboard/` by default. 14 15!!! warning "The trailing slash `/` in `/dashboard/` is mandatory" 16 17There are 2 ways to configure and access the dashboard: 18 19- [Secure mode (Recommended)](#secure-mode) 20- [Insecure mode](#insecure-mode) 21 22!!! note "" 23 There is also a redirect of the path `/` to the path `/dashboard/`, 24 but one should not rely on that property as it is bound to change, 25 and it might make for confusing routing rules anyway. 26 27## Secure Mode 28 29This is the **recommended** method. 30 31Start by enabling the dashboard by using the following option from [Traefik's API](./api.md) 32on the [static configuration](../getting-started/configuration-overview.md#the-static-configuration): 33 34```yaml tab="File (YAML)" 35api: 36 # Dashboard 37 # 38 # Optional 39 # Default: true 40 # 41 dashboard: true 42``` 43 44```toml tab="File (TOML)" 45[api] 46 # Dashboard 47 # 48 # Optional 49 # Default: true 50 # 51 dashboard = true 52``` 53 54```bash tab="CLI" 55# Dashboard 56# 57# Optional 58# Default: true 59# 60--api.dashboard=true 61``` 62 63Then define a routing configuration on Traefik itself, 64with a router attached to the service `api@internal` in the 65[dynamic configuration](../getting-started/configuration-overview.md#the-dynamic-configuration), 66to allow defining: 67 68- One or more security features through [middlewares](../middlewares/overview.md) 69 like authentication ([basicAuth](../middlewares/http/basicauth.md) , [digestAuth](../middlewares/http/digestauth.md), 70 [forwardAuth](../middlewares/http/forwardauth.md)) or [whitelisting](../middlewares/http/ipwhitelist.md). 71 72- A [router rule](#dashboard-router-rule) for accessing the dashboard, 73 through Traefik itself (sometimes referred as "Traefik-ception"). 74 75### Dashboard Router Rule 76 77As underlined in the [documentation for the `api.dashboard` option](./api.md#dashboard), 78the [router rule](../routing/routers/index.md#rule) defined for Traefik must match 79the path prefixes `/api` and `/dashboard`. 80 81We recommend to use a "Host Based rule" as ```Host(`traefik.example.com`)``` to match everything on the host domain, 82or to make sure that the defined rule captures both prefixes: 83 84```bash tab="Host Rule" 85# The dashboard can be accessed on http://traefik.example.com/dashboard/ 86rule = "Host(`traefik.example.com`)" 87``` 88 89```bash tab="Path Prefix Rule" 90# The dashboard can be accessed on http://example.com/dashboard/ or http://traefik.example.com/dashboard/ 91rule = "PathPrefix(`/api`) || PathPrefix(`/dashboard`)" 92``` 93 94```bash tab="Combination of Rules" 95# The dashboard can be accessed on http://traefik.example.com/dashboard/ 96rule = "Host(`traefik.example.com`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))" 97``` 98 99??? example "Dashboard Dynamic Configuration Examples" 100 --8<-- "content/operations/include-dashboard-examples.md" 101 102## Insecure Mode 103 104This mode is not recommended because it does not allow the use of security features. 105 106To enable the "insecure mode", use the following options from [Traefik's API](./api.md#insecure): 107 108```yaml tab="File (YAML)" 109api: 110 dashboard: true 111 insecure: true 112``` 113 114```toml tab="File (TOML)" 115[api] 116 dashboard = true 117 insecure = true 118``` 119 120```bash tab="CLI" 121--api.dashboard=true --api.insecure=true 122``` 123 124You can now access the dashboard on the port `8080` of the Traefik instance, 125at the following URL: `http://<Traefik IP>:8080/dashboard/` (trailing slash is mandatory). 126