Redirect Loops Redirect rules Warnings & Errormessages

htaccess redirect to https may cause redirect to 401.shtml when using password protection

When using the .htaccess for password protection in combination with the .htaccess 301 redirect to https in Really Simple SSL, a redirect to https://domain.com/401.shtml might occur.

A simple solution which has been reported to work is to add

ErrorDocument 401 default

To the top of your .htaccess, so the end result looks like this (the error document should come before the password lines):

# Error Document
ErrorDocument 401 default
#password protection
AuthType Basic
AuthName "YOUR AUTH NAME"
AuthUserFile "/path/to/file"
require valid-user
# BEGIN rlrssslReallySimpleSSL rsssl_version[2.5.25]
RewriteEngine on
RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^(.*)$ https://%{HTTP_HOST}%/$1 [R=301,L]
# END rlrssslReallySimpleSSL

Then clear cache and cookies. For more details on this issue, see this forum thread:

https://wordpress.org/support/topic/rsssl-htaccess-code-causes-401-shtml-on-http-to-https-redirect-when-using-auth/#post-10033367

Related Articles

  • Manually insert .htaccess redirect http to https

    Let Really Simple SSL handle the .htaccess redirect In most cases you can let Really Simple SSL handle the .htaccess redirect. The plugin has an option which inserts the detected...
  • Remove .htaccess redirect on site lockout

    The .htaccess is the fastest redirect, so why not enable it by default? When you enable the setting “htaccess redirect” in settings/ssl/settings, Really Simple SSL detects the most suitable redirect,...
  • Inserting HSTS header using PHP

    HSTS Header insertion Really Simple SSL pro has the ability to set HSTS header for your website. In most cases this is done by inserting the HSTS header in the .htaccess...
  • ssl_error_bad_cert_domain

    ssl_error_bad_cert_domain the ssl_error_bad_cert_domain error is shown when the domain name on the certificate doesn’t match the domain of your site. A lot of hosting providers will have a default SSL...

2 Comments

  • Heman Nguri

    dear sir/ madam
    ssl already activated, but it is not detected on homepage

Leave a Comment