host has problems adding subdomain with working mod_rewrite and htauth password

cretaceous

Hosting for a charity that I do work for - using the charity's web host..

Needed a subdomain, added it in CPanel but it wouldn't resolve
(Host owner asked for rewrite_conds adding in root directory .. I've not had to do that before for a subdomain, but it didn't correct it)
The host owner then said he could set up the subdomain some other way, so did so and everything worked

Both root and new subdomain have rewrites and baseurl set to their own directory, and both are using sessions for log in to their CMS.

Now here's the problem
I need to add basic ht_auth password protection on the subdomain directory.
What could possibly go wrong?
So I do this and can lock out / get access correctly.
But it throws out the baseurl - sudddenly the rewrites have lost their root and it's like mod_rewrite is deactivated - I just see my index page defaulting to showing the homepage with no css.

Wherever I put the htpasswd file the issue is the same, (above root/in root/under root) so it's not the password location.
The host owner can't be bothered to help.

Any tips or ideas?

cretaceous

Narrowed down the problem
The main site is https, so to force https connections, the root htaccess has :

RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

if I remove that, the htpasswd in the subdomain works correctly and Rewritebase works for subdomain pages

I have tried altering the https rule (in parent htaccess) so it only affects the parent domain:

so :

RewriteCond %{HTTP_HOST} (www\.){0,1}thedomain\.com [NC]
RewriteCond %{SERVER_PORT} 80
RewriteRule (.*) https://www.thedomain.com/$1 [R,L]
(only force https on address starting www)

or:

RewriteCond %{HTTP_HOST} !^/subdomainname/thedomain.com
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
(force https if URL does not start with subdomainname)

but none work - I can't guess as to what is happening unless CPanel is doing something odd.
There are a few of the same issues found via Google .. but no solution.

bradgrafelman

The problem with your first pattern:
code{0,1}thedomain.com[/code]is that "subdomain.thedomain.com" will still match that pattern. (Hint: Your pattern says nothing about what the host starts with - only that it contains "www.thedomain.com" or "thedomain.com" anywhere.)

The problem with your second pattern:

^/subdomainname/thedomain.com

is that it doesn't make sense; hostnames can't contain forward slashes.

cretaceous

Thanks, food for thought - (easy to get blinkered by the forward slash when you're stressed..) and yes, I do need a lesson in regex !
You certainly have much better tips than the webhost owner, who you think might have an idea.
Much appreciated