{
    my $status = $bandwidthd{'status'} || "disabled";
    return "    # bandwidthd is disabled in this VirtualHost"
           unless $status eq 'enabled';

   $OUT = "";
   my $pass = 0;
   my $allow = "ip $localAccess";
   my $name = $bandwidthd{'Name'} || 'Application bandwidthd Login';
   my $webinterface =  $bandwidthd{'webinterface'} || 'both';
   $version = "74"; #temp bjr 30nov2020

   for ('exit-if-none')
   {
     if ($bandwidthd{'webaccess'})
     {
         if ($bandwidthd{'webaccess'} eq 'private')
         {
           $allow   = "ip $localAccess $externalSSLAccess";
	   $pass = 1;
         }
         elsif ($bandwidthd{'webaccess'} eq 'local')
         {
           $allow   = "ip $localAccess $externalSSLAccess";
	   $pass = 0;
         }
          elsif ($bandwidthd{'webaccess'} eq 'public')
         {
           $allow   = 'all granted';
	   $pass = 1;
         }
         elsif ($bandwidthd{'webaccess'} eq 'global')
         {
           $allow   = 'all granted';
	   $pass = 0;
         }
     }
 if ($webinterface eq "both" || $webinterface  eq "html")
     {  
      $OUT .= "#------------------------------------------------------------\n";
      $OUT .= "# bandwidthd HTML- $name\n";
      $OUT .= "#------------------------------------------------------------\n";
      
      
      if (exists $bandwidthd{'URL'} && $webinterface  eq "html")
        { $OUT .= "Alias  /$bandwidthd{'URL'}  /var/www/bandwidthd/htdocs\n"; }
      
      
      if ( $webinterface  eq "html")
        {
        $OUT .= "Alias  /bandwidthd  /var/www/bandwidthd/htdocs\n";
        }
        $OUT .= "Alias  /bandwidthd-static  /var/www/bandwidthd/htdocs\n";
      
      $OUT .= "\n";
      $OUT .= "<Directory /var/www/bandwidthd/htdocs>\n";
      $OUT .= "    AddType application/x-httpd-php .php .conf\n";

      $OUT .= "<FilesMatch \.php\$\>\n";
      $OUT .= "SetHandler \"proxy:unix:/var/run/php-fpm/php$version.sock|fcgi://localhost\"\n";
      $OUT .= "</FilesMatch>\n";    

      $OUT .= "    Options None\n";
      if ($pass)
      {
          $OUT .= "    AuthName \"$name\"\n";
          $OUT .= "    AuthBasicProvider external\n";
          $OUT .= "    AuthType Basic\n";
          $OUT .= "    AuthExternal pwauth\n";
      }
      $OUT .= "    <RequireAll>\n";
      $OUT .= "      require user admin\n" if ($pass);
      $OUT .= "      Require $allow\n";
      $OUT .= "    </RequireAll>\n";
      $OUT .= "</Directory>\n";
     }

 if ($webinterface eq "both" || $webinterface  eq "php")
     {
      $OUT .= "#------------------------------------------------------------\n";
      $OUT .= "# bandwidthd PHP- $name\n";
      $OUT .= "#------------------------------------------------------------\n";
 
      
      if (exists $bandwidthd{'URL'} && $webinterface  ne "html" )
        { $OUT .= "Alias  /$bandwidthd{'URL'}  /var/www/bandwidthd/phphtdocs\n"; }
     
 
      $OUT .= "Alias  /bandwidthd  /var/www/bandwidthd/phphtdocs\n";
 
      $OUT .= "Alias  /bandwidthd-sql  /var/www/bandwidthd/phphtdocs\n";

      $OUT .= "\n";
      $OUT .= "<Directory /var/www/bandwidthd/phphtdocs>\n";

      $OUT .= "<FilesMatch \.php\$\>\n";
      $OUT .= "SetHandler \"proxy:unix:/var/run/php-fpm/php$version.sock|fcgi://localhost\"\n";
      $OUT .= "</FilesMatch>\n";

      $OUT .= "    SSLRequireSSL\n";
      $OUT .= "    Options None\n";
      if ($pass)
      {
          $OUT .= "    AuthName \"$name\"\n";
          $OUT .= "    AuthBasicProvider external\n";
          $OUT .= "    AuthType Basic\n";
          $OUT .= "    AuthExternal pwauth\n";
      }
          $OUT .= "    <RequireAll>\n";
          $OUT .= "      require user admin\n" if ($pass);
          $OUT .= "      Require $allow\n";
          $OUT .= "    </RequireAll>\n";
      $OUT .= "</Directory>\n";
    }
  }

}
