The **recommended** deployment to use a default denial to all requests via `--enable-default-deny=true` or `--resources="uri=/*"` and to then explicityly allow you throw bypassed.
#### **HTTP Routing**
#### **HTTP Routing**
By default all requests will be proxyed on to the upstream, if you wish to ensure all requests are authentication you can use
By default all requests will be proxyed on to the upstream, if you wish to ensure all requests are authentication you can use