diff --git a/docker-compose-standalone.yml b/docker-compose-standalone.yml
index a297cb18f..f93027835 100644
--- a/docker-compose-standalone.yml
+++ b/docker-compose-standalone.yml
@@ -445,7 +445,7 @@ services:
       - ./nginx/ca-trust:/var/local/ca-trust:ro
       - ./htadmin/config.ini:/var/www/htadmin/config/config.ini:rw
       - ./htadmin/metadata:/var/www/htadmin/config/metadata:rw
-      - ./nginx/htpasswd:/var/www/htadmin/config/htpasswd:rw
+      - ./nginx/htpasswd:/var/www/htadmin/config/auth/htpasswd:rw
     healthcheck:
       test: ["CMD", "curl", "--silent", "--fail", "http://localhost"]
       interval: 60s
@@ -639,7 +639,7 @@ services:
       - ./nginx/ca-trust:/var/local/ca-trust:ro
       - nginx-log-path:/var/log/nginx:rw
       - ./nginx/nginx_ldap.conf:/etc/nginx/nginx_ldap.conf:ro
-      - ./nginx/htpasswd:/etc/nginx/htpasswd:ro
+      - ./nginx/htpasswd:/etc/nginx/auth/htpasswd:ro
       - ./nginx/certs:/etc/nginx/certs:ro
       - ./nginx/certs/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro
     healthcheck:
@@ -649,15 +649,15 @@ services:
       retries: 3
       start_period: 120s
     labels:
-      traefik.enable: "false"
-      # traefik.http.routers.osmalcolm.rule: 'Host(`opensearch.malcolm.example.org`)'
-      # traefik.http.routers.osmalcolm.entrypoints: 'websecure'
-      # traefik.http.routers.osmalcolm.tls.certresolver: 'myresolver'
+      traefik.enable: 'false'
+      # traefik.http.routers.osmalcolm.rule: 'Host(``)'
+      # traefik.http.routers.osmalcolm.entrypoints: ''
+      # traefik.http.routers.osmalcolm.tls.certresolver: ''
       # traefik.http.routers.osmalcolm.service: 'osmalcolm'
       # traefik.http.services.osmalcolm.loadbalancer.server.port: '9200'
-      # traefik.http.routers.malcolm.rule: 'Host(`malcolm.example.org`)'
-      # traefik.http.routers.malcolm.entrypoints: 'websecure'
-      # traefik.http.routers.malcolm.tls.certresolver: 'myresolver'
+      # traefik.http.routers.malcolm.rule: 'Host(``)'
+      # traefik.http.routers.malcolm.entrypoints: ''
+      # traefik.http.routers.malcolm.tls.certresolver: ''
       # traefik.http.routers.malcolm.service: 'malcolm'
       # traefik.http.services.malcolm.loadbalancer.server.port: '443'
 
@@ -667,4 +667,4 @@ volumes:
 
 networks:
   default:
-    external: false
\ No newline at end of file
+    external: false
diff --git a/docker-compose.yml b/docker-compose.yml
index a3060b43e..f262700fb 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -499,7 +499,7 @@ services:
       - ./nginx/ca-trust:/var/local/ca-trust:ro
       - ./htadmin/config.ini:/var/www/htadmin/config/config.ini:rw
       - ./htadmin/metadata:/var/www/htadmin/config/metadata:rw
-      - ./nginx/htpasswd:/var/www/htadmin/config/htpasswd:rw
+      - ./nginx/htpasswd:/var/www/htadmin/config/auth/htpasswd:rw
     healthcheck:
       test: ["CMD", "curl", "--silent", "--fail", "http://localhost"]
       interval: 60s
@@ -715,7 +715,7 @@ services:
       - ./nginx/ca-trust:/var/local/ca-trust:ro
       - nginx-log-path:/var/log/nginx:rw
       - ./nginx/nginx_ldap.conf:/etc/nginx/nginx_ldap.conf:ro
-      - ./nginx/htpasswd:/etc/nginx/htpasswd:ro
+      - ./nginx/htpasswd:/etc/nginx/auth/htpasswd:ro
       - ./nginx/certs:/etc/nginx/certs:ro
       - ./nginx/certs/dhparam.pem:/etc/nginx/dhparam/dhparam.pem:ro
     healthcheck:
@@ -725,15 +725,15 @@ services:
       retries: 3
       start_period: 120s
     labels:
-      traefik.enable: "false"
-      # traefik.http.routers.osmalcolm.rule: 'Host(`opensearch.malcolm.example.org`)'
-      # traefik.http.routers.osmalcolm.entrypoints: 'websecure'
-      # traefik.http.routers.osmalcolm.tls.certresolver: 'myresolver'
+      traefik.enable: 'false'
+      # traefik.http.routers.osmalcolm.rule: 'Host(``)'
+      # traefik.http.routers.osmalcolm.entrypoints: ''
+      # traefik.http.routers.osmalcolm.tls.certresolver: ''
       # traefik.http.routers.osmalcolm.service: 'osmalcolm'
       # traefik.http.services.osmalcolm.loadbalancer.server.port: '9200'
-      # traefik.http.routers.malcolm.rule: 'Host(`malcolm.example.org`)'
-      # traefik.http.routers.malcolm.entrypoints: 'websecure'
-      # traefik.http.routers.malcolm.tls.certresolver: 'myresolver'
+      # traefik.http.routers.malcolm.rule: 'Host(``)'
+      # traefik.http.routers.malcolm.entrypoints: ''
+      # traefik.http.routers.malcolm.tls.certresolver: ''
       # traefik.http.routers.malcolm.service: 'malcolm'
       # traefik.http.services.malcolm.loadbalancer.server.port: '443'
 
@@ -743,4 +743,4 @@ volumes:
 
 networks:
   default:
-    external: false
\ No newline at end of file
+    external: false
diff --git a/nginx/nginx_auth_basic.conf b/nginx/nginx_auth_basic.conf
index 9b42438fd..3dc64c678 100644
--- a/nginx/nginx_auth_basic.conf
+++ b/nginx/nginx_auth_basic.conf
@@ -1,3 +1,3 @@
 auth_basic "Authentication Required";
-auth_basic_user_file /etc/nginx/htpasswd;
+auth_basic_user_file /etc/nginx/auth/htpasswd;
 set $authenticated_user $remote_user;
diff --git a/nginx/scripts/docker_entrypoint.sh b/nginx/scripts/docker_entrypoint.sh
index a8bf3a3ea..992751ec3 100755
--- a/nginx/scripts/docker_entrypoint.sh
+++ b/nginx/scripts/docker_entrypoint.sh
@@ -237,5 +237,8 @@ EOF
 
 fi # basic vs. ldap
 
+if [![-f /etc/nginx/auth/]] ; then
+  cp /etc/nginx/auth/default/htpasswd /etc/nginx/auth/
+
 # start supervisor (which will spawn nginx, stunnel, etc.) or whatever the default command is
 exec "$@"