Secure Solr instance on AWS server using http basic authentication
I am trying to secure an AWS server with http basic auth. Having put an .htaccess file pointing to an .htpasswd file in /opt/bitnami/apache2/htdocs it only secures the http://ec2-xx-xx-xx-xxx.x-x-x.compute.amazonaws.com page. The subdirectory http://ec2-xx-xx-xx-xxx.x-x-x.compute.amazonaws.com/solr is still accessible without authentication.
I tried to put the .htaccess file in the following places but it did not secure the access: /opt/bitnami/apache-solr/solr/ /opt/bitnami/apache-solr/solr-webapp/webapp (where admin.html for the GUI)
So my question is where to put the .htaccess file to secure the GUI access and also only allow http basic auth-protected queries on its cores.
Apparently, I cannot protect it via htaccess, instead, http base auth is provided by Jetty configuration as explained in Jetty realm example.