Password protect entire site?

[SimVT]

First of all thank you for Panopticon - it is amazingly fast and easy to use. On all my sites I use the Administrator Directory Password Protection feature which works well.

But, one site I have completely protected with .htaccess and .htpasswd file and don't have the admin directory protected as it isn't a public site. Is it possible to have Panopticon save those credentials? I certainly understand if not and this site isn't a longterm project so it isn't that important but I thought I'd ask as it might be a useful feature?

Thanks again!

[nikosdion]

It is something that I considered but, no, I will not implement. The problem is that, depending on the server's and site's configuration, the HTTP Basic Authentication username and password might override the API token thereby leading to connection issues that are notoriously difficult to troubleshoot. Ask me how I know…

What you can do is disable the password protection just in the /api folder of your Joomla! site using a .htaccess file in it. Remember, the Joomla! API application requires a token linked to a Super User to do anything; it's not like you are going to lose any privacy by doing that.

[SimVT]

Understood and thanks for the response. What you can do is disable the password protection just in the /api That is a great idea I never would have thought of. Thanks!

…

On Jan 14, 2025, at 1:35 PM, Nicholas K. Dionysopoulos ***@***.***> wrote: It is something that I considered but, no, I will not implement. The problem is that, depending on the server's and site's configuration, the HTTP Basic Authentication username and password might override the API token thereby leading to connection issues that are notoriously difficult to troubleshoot. Ask me how I know… What you can do is disable the password protection just in the /api folder of your Joomla! site using a .htaccess file in it. Remember, the Joomla! API application requires a token linked to a Super User to do anything; it's not like you are going to lose any privacy by doing that. — Reply to this email directly, view it on GitHub <#881 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AR4RXBVRQGA7M2UDSDPFCKL2KVKGXAVCNFSM6AAAAABVFPHO7OVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTCOBTGQ3TSNA>. You are receiving this because you authored the thread.

[nikosdion]

You're welcome!