diff --git a/tasks/main.yml b/tasks/main.yml
index def16fe..3fa5e21 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -102,5 +102,6 @@
 #      - traefik-sa.yml.j2
       - traefik-ingressroute.yml.j2
 #      - traefik-svc.yml.j2
+#      - traefik-defaultbackend.yml.j2
 
   tags: traefik
diff --git a/templates/traefik-defaultbackend.yml.j2 b/templates/traefik-defaultbackend.yml.j2
new file mode 100644
index 0000000..40ad31d
--- /dev/null
+++ b/templates/traefik-defaultbackend.yml.j2
@@ -0,0 +1,16 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: cheese
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
+    traefik.ingress.kubernetes.io/router.priority: "1"
+    traefik.ingress.kubernetes.io/router.middlewares: security_headers@file,compress@file
+
+spec:
+  defaultBackend:
+    service:
+      name: stilton
+      port:
+        number: 80
diff --git a/templates/traefik-files.yml.j2 b/templates/traefik-files.yml.j2
index b5ab8e9..b03f2f6 100644
--- a/templates/traefik-files.yml.j2
+++ b/templates/traefik-files.yml.j2
@@ -51,13 +51,24 @@ data:
     #        users:
     #          - {{ basic_auth_data }}
 {% endif %}
-{% if false %}
         authelia:
           forwardAuth:
             address: "http://authelia:9091/api/verify?rd=https://login.example.com/"
             trustForwardHeader: true
-            authReponseHeaders: ["Remote-User", "Remote-Groups", "Remote-Name", "Remote-Email"]
-{% endif %}
+            authResponseHeaders:
+              - "Remote-User"
+              - "Remote-Groups"
+              - "Remote-Name"
+              - "Remote-Email"
+        authelia-basic:
+          forwardAuth:
+            address: "http://authelia:9091/api/verify?auth=basic"
+            trustForwardHeader: true
+            authResponseHeaders:
+              - "Remote-User"
+              - "Remote-Groups"
+              - "Remote-Name"
+              - "Remote-Email"
 
   traefik-tls-defaults-options.yaml: |
     tls: