I wanted to test out the File Manager plugin, so I added basicauth and filemanager to my Caddy file. When I restarted the server and visited the page in my browser (I tried Epiphany/GNOME Web and Chromium), it gave me a “401 Unauthorized” message, but it had never asked me for a username or password.
Browser Message
Caddy File
I have other sites configured in my Caddyfile that are not shown below, and the password IS NOT XXXXXXXX
.
https://webdesign.flexstart.me {
root /var/www/webdesign.flexstart.me
gzip
minify
tls webmaster@flexstart.me {
protocols tls1.0 tls1.2
}
log /var/www/logs/webdesign.log
errors {
log /var/www/logs/webdesign-error.log
404 /errors/404.html
}
header / {
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload;"
\# Content-Security-Policy "default-src 'none' ; script-src 'self' cdnjs.cloudflare.com; style-src 'self' cdnjs.cloudflare.com; img-src 'self' cdnjs.cloudflare.com; font-src 'self' fonts.googleapis.com cdnjs.cloudflare.com; connect-src 'self' ; media-src 'self' ; object-src 'none' ; child-src 'none' ; frame-ancestors 'none' ; form-action 'self' formspree.io ;"
Public-Key-Pins "pin-sha256=\"Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys=\"; pin-sha256=\"C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=\"; pin-sha256=\"YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=\"; pin-sha256=\"Pr2hOJcdTcz63ucsPIH9XAJazPWZHdSMfAeb9lYWC5Q=\"; pin-sha256=\"klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY=\"; pin-sha256=\"SMAnK9nweWoTAdwp1LVMG7hJIulUolcsTHwr2h7Kw3Y=\"; pin-sha256=\"5Flr8i4NX99DWqi7Ot0z2WoboW9myiaH1BvpgRpFMIk=\"; includeSubdomains; max-age=2592000;"
X-Frame-Options "SAMEORIGIN"
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
}
header /img Cache-Control "max-age=31536000"
header /css Cache-Control "max-age=2592000"
basicauth /files admin XXXXXXXX
filemanager /files {
show /var/www/webdesign.flexstart.me
}
}