Curl response giving "missing authentication token for REST request" despite xpack.security.enabled: false in config file

I installed xpack on an elasticsearch instance, and now the output from any curl is:
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "missing authentication token for REST request [/?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm="security" charset="UTF-8""
}
}
],
"type" : "security_exception",
"reason" : "missing authentication token for REST request [/?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm="security" charset="UTF-8""
}
},
"status" : 401
}

I understand this has to do with xpack security, but xpack.security.enabled is set to false in the elasticsearch.yml file. I have restarted the cluster and the issue persists. Any help would be appreciated.

Did you do this on all nodes ?

Yes, one cluster has two nodes both of which have xpack.security disabled in the yml file. Another cluster has a single node and is experiencing the same issue.

Wrong config files were being used. Thanks for your reply.