Direct URL to config.php bypasses htpasswd required credentials

Hi, in ssl.conf have the following:
<Directory “/var/www/html”>
AllowOverride All
AuthType Basic
AuthUserFile /etc/httpd/conf/some_file_name
AuthName “PRIVATE”
require valid-user
satisfy any
Order allow,deny
Deny from all
Options -Indexes

Going to freepbx_server.tld one is asked for htpasswd credentials.

However if using freepbx_server.tld/admin/config.php it completely bypasses htpasswd meaning, it doesn’t ask for credentials. Tried renaming schmoozecom.conf to schmoozcom.conf.orig and subsequently freepbx.conf to freepbx.conf.orig restarting httpd each time. Regardless of files being renamed, going to the FreePBX server with /admin/config.php it bypasses the htpasswd.

Anyone happen to know a fix for this?


This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.