diff --git a/config/fileconf/dynamic.yml b/config/fileconf/dynamic.yml
new file mode 100644
index 0000000..0345cb9
--- /dev/null
+++ b/config/fileconf/dynamic.yml
@@ -0,0 +1,34 @@
+tls:
+ options:
+ default:
+ minVersion: VersionTLS12
+ sniStrict: true
+ cipherSuites:
+ - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
+ - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
+ - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ curvePreferences:
+ - CurveP521
+ - CurveP384
+ mintls13:
+ minVersion: VersionTLS13
+
+http:
+ middlewares:
+ secHeaders:
+ headers:
+ browserXssFilter: true
+ contentTypeNosniff: true
+ frameDeny: true
+ sslRedirect: true
+ # HSTS Configuration
+ stsIncludeSubdomains: true
+ stsPreload: true
+ stsSeconds: 31536000
+ customRequestHeaders:
+ X-Frame-Options: "SAMEORIGIN"
+ customFrameOptionsValue: "SAMEORIGIN"
+
diff --git a/config/traefik.toml b/config/traefik.toml
index 3815786..abf24d3 100644
--- a/config/traefik.toml
+++ b/config/traefik.toml
@@ -155,6 +155,7 @@ # Default: "unix:///var/run/docker.sock" # # endpoint = "tcp://10.10.10.10:2375" + endpoint = "unix:///var/run/docker.sock" # Default host rule. #
@@ -237,13 +238,13 @@ # # Optional # - [certificatesResolvers.myresolver.acme.httpChallenge] + # [certificatesResolvers.myresolver.acme.httpChallenge] # EntryPoint to use for the HTTP-01 challenges. # # Required # - entrypoint = "web" + # entrypoint = "web" # Use a DNS-01 ACME challenge rather than HTTP-01 challenge. # Note: mandatory for wildcard certificate generation.
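Review bot: In `http.middlewares.secHeaders.headers` of `config/fileconf/dynamic.yml`, `customRequestHeaders` adds `X-Frame-Options: "SAMEORIGIN"` to the request forwarded to the backend, which gives the browser no framing protection; the response header is produced by `frameDeny` / `customFrameOptionsValue`. Those two settings also disagree: Traefik documents that `customFrameOptionsValue` overrides `frameDeny`, so the effective policy is SAMEORIGIN rather than DENY. I would drop the `customRequestHeaders` entry and `frameDeny: true` and keep only `customFrameOptionsValue: "SAMEORIGIN"` (or keep `frameDeny: true` alone if DENY is what is wanted). Indentation is lost in this view, so it is worth confirming that `customFrameOptionsValue` sits directly under `headers` and not under `customRequestHeaders`.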
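Review bot: The added `endpoint = "unix:///var/run/docker.sock"` in `config/traefik.toml` (hunk at -155) restates the default shown in the comment just above it, so its main effect is to document intent, and it should carry a comment on what that access means: anything that can talk to the Docker socket can control the daemon, which is equivalent to root on the host. I would put `# Access to the Docker socket is root-equivalent on the host; prefer a socket proxy that exposes only the read-only API calls Traefik needs.` above the line. The provider table this key belongs to starts outside the hunk, so whether `exposedByDefault` is turned off there cannot be seen from here.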