I have drupal installed in my website root with a directory called xi-admin underneath it, that directory has a .htaccess inside doing password protection. problem is, is that it is rewriting http://www.example.com/xi-admin/ back to index.php????
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^(xi-admin|xi-admin/.*)$
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
Try changing
RewriteCond %{REQUEST_URI} !^(xi-admin|xi-admin/.*)$
to
RewriteCond %{REQUEST_URI} !^/xi-admin
In your configuration, you are referring in one rule to foo, in the other to /bar, one of them will never match.
Either choose:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/(xi-admin|xi-admin/.*)$
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
Or another alternative using relative addressing, which I would recommend because it works even if this directory would later be moved to somewhere else in the directory hierarchy:
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond $1 !^(xi-admin|xi-admin/.*)$
RewriteCond $1 !=favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]