htaccess redirect to https may cause redirect to 401.shtml when using password protection

When using the .htaccess for password protection in combination with the .htaccess 301 redirect to https in Really Simple SSL, a redirect to https://domain.com/401.shtml might occur.

A simple solution that has been reported to work is to add

ErrorDocument 401 default

To the top of your .htaccess, so the end result looks like this (the error document should come before the password lines):

# Error Document
ErrorDocument 401 default
#password protection
AuthType Basic
AuthName "YOUR AUTH NAME"
AuthUserFile "/path/to/file"
require valid-user
# BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.25]
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
# END rlrssslReallySimpleSSL

Then clear cache and cookies. For more details on this issue, see this forum thread:

https://wordpress.org/support/topic/rsssl-htaccess-code-causes-401-shtml-on-http-to-https-redirect-when-using-auth/#post-10033367

Simple and Performant Security.
Easily improve site security with WordPress Hardening, Two-Factor Authentication (2FA), Login Protection, Vulnerability Detection and SSL certificate generation.