Kibana4 behind Apache2 Proxy

I decided to use Apache as a reverse proxy based on some Googling and I am having an issue. I can get the proxy to work when I just put in http://logserver.host.com/ and it asks me for the credentials I set up. However, when I put in the Kibana port, I can get to Kibana around apache. So http://logserver.host.com:5601 will bypass the authentication I set up.

<VirtualHost *:80>
        ServerName loggingserver
        ServerAdmin admin@admin.com

  #
  # Proxy
  #
  ProxyRequests Off
  <Proxy *>
    Order Allow,Deny
    Allow from all
    AuthType Basic
    AuthName "Halt! This is a restricted area.  Please provide credentials."
    AuthUserFile /path/to/file.htpwd
    Require valid-user
  </Proxy>
  ProxyRequests Off
  ProxyPass / http://127.0.0.1:5601
  ProxyPassReverse / http://127.0.0.1:5601
  RewriteEngine on
  RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
  RewriteRule .* http://127.0.0.1:5601%{REQUEST_URI} [P,QSA]

        ErrorLog ${APACHE_LOG_DIR}/kibana_error.log
        LogLevel warn
        CustomLog ${APACHE_LOG_DIR}/kibana_access.log combined
</VirtualHost>

I tried to add a basepath to the kibana.yml config file but that strangely just adds extra paths to the url, which of course doesn't work at all.

Any ideas?

You will need to add firewall rules to prevent access to the port directly.

Well then, that was easy. Thank you so much. Everything works as intended and I'm ready to start filling it up with clients and custom visualizations.