Change the following:
/etc/pbx/httpdconf/ari.conf
Code:
#Only allow access to ARI from trusted subnets <Directory /var/www/html/recordings> Deny from all Allow from 192.168.50.0/255.255.255.0 Allow from 192.168.100.0/255.255.255.0 </Directory> #Allow critical assets for ARI <Directory ~ "^/var/www/html/admin/assets/(js|images|css)"> Satisfy Any Allow from 192.168.50.0/255.255.255.0 Allow from 192.168.100.0/255.255.255.0 </Directory>
In the second block, you do need Satisfy Any. Per the Apache docs, Satisfy is only needed when you’re using both Require and Allow. And in fact, /etc/pbx/httpdconf/pbx.conf does have a "Require user wwwadmin maint" on the /admin directory. Basically the Satisfy Any is saying you can have access to these specific /admin subdirectories by providing the wwwadmin/maint password OR by coming in from a listed subnet. Satisfy Any is not needed in the first block because there is no other definition for the /recordings folder, i.e. there is no Require directive.
Original Link: http://pbxinaflash.com/community/index.php?threads/authentication-required-on-user-portal.13204/page-2