I want to force https and basic auth for server-status output (mod_status). If I enable auth and user asks for http://site/server-status apache first asks for pass, then redirects to httpS, then asks for pass again.

This question is similar to Apache - Redirect to https before AUTH and force https with apache before .htpasswd but I cannot get it work because we are speaking not about generic folder but Location structure.

My config (shortly) is as follows:

<Location /server-status>
    SSLRequireSSL
    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteBase /server-status
        RewriteCond %{HTTPS} off
                RewriteCond %{SERVER_PORT} 80
                RewriteRule ^ - [E=nossl]
                RewriteRule (.*) https://site/server-status} [R=301,L]
    </IfModule>

    SetHandler server-status
    Order deny,allow
    Deny from all
    Allow from localhost ip6-localhost
    Allow from 1.2.3.0/24

    Allow from env=nossl

    AuthUserFile /etc/httpd/status-htpasswd
    AuthName "Password protected"
    AuthType Basic
    Require valid-user

    Satisfy any
</Location>

I assume Allow from env=nossl should allow everyone with RewriteCond %{HTTPS} off and server port 80, then force it to redirect but it does not work.

Please note, I do not want force to SSL the whole site but /server-status only. If it matters the server has several sites.

What am I doing wrong? Thank you.