Hello,
I have a Plesk configured to use php fpm and I activated password protection for a folder.
When I try to go to the site's URL it triggers a http authentication (eg mywebsite.com) but when I want to access to a php file directly (eg mywebsite.com/index.php) even if the authentication failed the page is displayed.
For static files the authentication works well.
I looked the conf file generated by plesk and it uses the ProxyPassMatch directive for executing php. The problem seems to...
Http authentication bypassed by php
I have a Plesk configured to use php fpm and I activated password protection for a folder.
When I try to go to the site's URL it triggers a http authentication (eg mywebsite.com) but when I want to access to a php file directly (eg mywebsite.com/index.php) even if the authentication failed the page is displayed.
For static files the authentication works well.
I looked the conf file generated by plesk and it uses the ProxyPassMatch directive for executing php. The problem seems to...
Http authentication bypassed by php
