diff --git a/server/web/auth/auth.go b/server/web/auth/auth.go
index b125f39..3a03650 100644
--- a/server/web/auth/auth.go
+++ b/server/web/auth/auth.go
@@ -6,7 +6,6 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
-	"slices"
 	"unsafe"
 
 	"github.com/gin-gonic/gin"
@@ -69,15 +68,11 @@ func BasicAuth(accounts gin.Accounts) gin.HandlerFunc {
 	}
 }
 
-func CheckAuth(exclude ...string) gin.HandlerFunc {
+func CheckAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		if !settings.HttpAuth {
 			return
 		}
-		
-		if slices.Contains(exclude, c.FullPath()) {
-			return
-		}
 
 		if _, ok := c.Get(gin.AuthUserKey); ok {
 			return
diff --git a/server/web/pages/route.go b/server/web/pages/route.go
index 4649ad8..d0dfc53 100644
--- a/server/web/pages/route.go
+++ b/server/web/pages/route.go
@@ -1,6 +1,8 @@
 package pages
 
 import (
+	"slices"
+
 	"github.com/anacrolix/torrent/metainfo"
 	"github.com/gin-gonic/gin"
 
@@ -11,9 +13,18 @@ import (
 )
 
 func SetupRoute(route gin.IRouter) {
-	authorized := route.Group("/", auth.CheckAuth("/site.webmanifest"))
+	authorized := route.Group("/", auth.CheckAuth())
 
-	template.RouteWebPages(authorized)
+	webPagesAuth := route.Group("/", func() gin.HandlerFunc {
+		return func(c *gin.Context) {
+			if slices.Contains([]string{"/site.webmanifest"}, c.FullPath()) {
+				return
+			}
+			auth.CheckAuth()(c)
+		}
+	}())
+
+	template.RouteWebPages(webPagesAuth)
 	authorized.GET("/stat", statPage)
 	authorized.GET("/magnets", getTorrents)
 }