Hello, Im trying to protect some pdf files with the built-in protected folder settings on a client website. if I look at the .vhost file for the website I got following lines added: Code: location /images/dokumentation/ { auth_basic "Members Only"; auth_basic_user_file /var/www/clients/client103/web507/web/images/dokumentation/.htpasswd; location ~ \.php$ { try_files /e62adce96fc6290952f4838f83eb7c63.htm @php; } } If I access following url: domain.tld/images/dokumentation/ I get prompted for login, if I try access following: domain.tld/images/dokumentation/somefile.pdf I get direct access without getting prompted for login. Any hints how to make sure all files are protected by login?