Question
Provider is asking on how to disable login without MFA at https://{customer url}/servlet/Turbine/frm/single/ ?
Answer
Access can be disabled in their apache .htaccess brand settings.
Resolution
https://{customer url}/servlet/Turbine/frm/single/ in all possible URL access brands will need to be disabled in brand .htaccces.
The following code will apply mentioned change in all brands inside branding UI:
kubectl get po | grep "branding-ui-cluster" | awk '{print $1}'
kubectl exec -it <pod name> -- bash
for brand in $(ls /var/www/brands); do ls /var/www/brands/$brand/.htaccess if [[ $(sed -n '2p' /var/www/brands/$brand/.htaccess) =~ ^$ ]] ; then sed -i '2i RewriteRule ^servlet/Turbine/frm/single - [F]' /var/www/brands/$brand/.htaccess fi done
If changes are not still effective after this httpd service could be reloaded.
Once platform is upgraded this will need to be re-run since it will be wiped out. There is an on-going PFR to fulfill this requirement at #PFR-2258.