.htaccess with .htpasswd on site root causes redirect loop

Question

I want to temporarily password-protect a site.

I have an .htaccess file in the site root containing:

AuthType Basic
AuthName "Example Site Name"
AuthUserFile /home/my_username/.htpasswd
Require valid-user

This throws up a login window when I access example.com, however, when I authenticate I get a 310 error:

This webpage has a redirect loop

The webpage at http://example.com/ has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.

Now, hitting example.com gives me this error every time without asking me to authenticate.

Why is this happening?

score 3 · Accepted Answer · answered Mar 05 '13 at 16:50

In your httpd config you probably haven't got any error documents defined, so it is trying to return you to the base page, which throws an error, rinse, repeat.

try adding:

ErrorDocument 401 /[path_to_file]/error.html
ErrorDocument 403 /[path_to_file]/error.html

to your .htaccess file. Of course, make sure those simple error.html files exist too.

.htaccess with .htpasswd on site root causes redirect loop

1 Answers1