When using the .htaccess for password protection in combination with the .htaccess 301 redirect to https in Really Simple SSL, a redirect to https://domain.com/401.shtml might occur.
A simple solution that has been reported to work is to add
ErrorDocument 401 default
To the top of your .htaccess, so the end result looks like this (the error document should come before the password lines):
# Error Document
ErrorDocument 401 default
#password protection
AuthType Basic
AuthName "YOUR AUTH NAME"
AuthUserFile "/path/to/file"
require valid-user
# BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.25]
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
# END rlrssslReallySimpleSSL
Then clear cache and cookies. For more details on this issue, see this forum thread:
https://wordpress.org/support/topic/rsssl-htaccess-code-causes-401-shtml-on-http-to-https-redirect-when-using-auth/#post-10033367
