Directory Privacy causing infinite redirects in Addon Domain with WordPress

[allenwp]

Hi there,

I am trying to apply password protection to the WordPress wp-admin folder of an Addon Domain using this approach, but it seems to result in an infinite redirect error with the following HTTP response:

HTTP/2 302 Found
date: Thu, 17 Jun 2021 19:06:17 GMT
server: Apache
www-authenticate: Basic realm="Protected 'public_html/avlatency.com/wp-admin'"
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://avlatency.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
strict-transport-security: max-age=31536000
location: https://avlatency.com/wp-admin/
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

Any thoughts on how to address this issue?

 

[cPRex]

Hey there! As a test, I added directory privacy with the password protection to one of my own WordPress sites and I didn't run into any issues. I went to domain.com/wp-admin, received the pop up, entered the username and password, and then it took me to the WordPress login page.

Do you have any other .htaccess rules that could be interfering with this? I just have the default WordPress stuff and the cPanel PHP section in mine:

# cat /home/username/public_html/.htaccess

# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit

 

[allenwp]

Here's my .htaccess for the root of the Addon Domain's folder:

# BEGIN WordPress
# The directives (lines) between `BEGIN WordPress` and `END WordPress` are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php74” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php74 .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit

My primary domain also has a password on its wp-admin directory which was configured using Directory Privacy and I just checked with my host owner and he can't remember any special configuration that was needed to get it working... So I think this might be an issue specific to the Addon Domain that this wordpress install is under? I've compared the .htaccess for the primary domain and this Addon domain and can't find any relevant differences... Here's the .htaccess for the primary domain in case it's helpful:

<files wp-config.php>
order allow,deny
deny from all
</files>

# Block the include-only files.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
</IfModule>

# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /blog/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /blog/index.php [L]
</IfModule>

# END WordPress

Thanks for your help!

 

[HostNoc]

Hello, Kindly add the following line in your .htaccess file.

ErrorDocument 401 default

 

[allenwp]

Hello, Kindly add the following line in your .htaccess file.

ErrorDocument 401 default

I added that line to the bottom of my addon domain's .htaccess file and that fixed it! Thanks for your help, HostNoc!

Regards,
Allen