[PR #403] [MERGED] Don't ask for username/password if none are defined #3239

New issue

Closed

opened 2026-02-26 07:38:34 +03:00 by kerem · 0 comments

kerem commented

2026-02-26 07:38:34 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/NginxProxyManager/nginx-proxy-manager/pull/403
Author: @Indemnity83
Created: 5/9/2020
Status: ✅ Merged
Merged: 5/27/2020
Merged by: @jc21

Base: develop ← Head: empty-auth

📝 Commits (1)

df73c2a skip auth check if no users defined

📊 Changes

3 files changed (+8 additions, -6 deletions)

View changed files

📝 backend/internal/access-list.js (+3 -3)
📝 backend/internal/proxy-host.js (+3 -3)
📝 backend/templates/proxy_host.conf (+2 -0)

📄 Description

This commit optimizes the Nginx config implementation of an access list, preventing an auth-check if no users are actually defined.

This should still mean that creating an empty access rule results in an inaccessible site because of the default deny all rule (secure by default). But prevents Nginx from even processing Basic Auth, or asking for a username and password if there are no users to check against.

~~This PR also fixes a bug that was preventing Auth rules from being applied to a site after enabling a previously disabled site.~~ (moved to #407)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/NginxProxyManager/nginx-proxy-manager/pull/403 **Author:** [@Indemnity83](https://github.com/Indemnity83) **Created:** 5/9/2020 **Status:** ✅ Merged **Merged:** 5/27/2020 **Merged by:** [@jc21](https://github.com/jc21) **Base:** `develop` ← **Head:** `empty-auth` --- ### 📝 Commits (1) - [`df73c2a`](https://github.com/NginxProxyManager/nginx-proxy-manager/commit/df73c2a4586bbeee132a209164bdace37dd1e044) skip auth check if no users defined ### 📊 Changes **3 files changed** (+8 additions, -6 deletions) <details> <summary>View changed files</summary> 📝 `backend/internal/access-list.js` (+3 -3) 📝 `backend/internal/proxy-host.js` (+3 -3) 📝 `backend/templates/proxy_host.conf` (+2 -0) </details> ### 📄 Description This commit optimizes the Nginx config implementation of an access list, preventing an auth-check if no users are actually defined. This should still mean that creating an empty access rule results in an inaccessible site because of the default `deny all` rule (secure by default). But prevents Nginx from even processing Basic Auth, or asking for a username and password if there are no users to check against. ~This PR also fixes a bug that was preventing Auth rules from being applied to a site after enabling a previously disabled site.~ (moved to #407) --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

kerem

2026-02-26 07:38:34 +03:00

closed this issue
added the
pull-request
label

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#3239

No description provided.

Rows
Columns