the website redirects me back to my main domain

a chained redirect or in a single step?
is it a 301 redirect?

I apologize for the editing, but we use "example".com to maintain readability in these code discussions because the forum will auto-link portions of other domain name substitutions making the code unreadable.

It looks like whatever else is going on, the request for http://www.example.com/extra/admin is being redirected to the root domain because of how that non-www rewrite is written. It does not capture the requested URL but the /extra/page/privacy request appears to bypass that.

A typical canonicalization rewrite will include the domain name and capture any request that is not the root URL to append it to the requested URL but your rule is sending everything to the root directory and does not capture and append the full request.

The hostname should be used for the rewrite target to prevent one cause of chained redirects. Try using

RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L] 

so that the domain name is in the rule target along with the query for the /extra/ directory.

Side questions - is the non https: usage intentional? Is that the only rule in the root directory?

There may well be more happening to affect the rules, I just quit looking with that canonicalization rule.

<tangent>

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d

Was something inadvertently edited-out here? The Conditions would apply only to the immediately following rule, whose pattern is
/extra/admin$
(the /extra/ element is supplied by the location of the htaccess file). This is, almost by definition, neither a file nor a directory, so the conditions are superfluous. They really belong with the basic CMS rule that comes later in the htaccess--the one where everything is rewritten to /index.php

RewriteRule ^admin/(.*)$ access.php?page=$1 [NC,QSA]
RewriteRule ^admin/(.*)$ admin-panel/$1 [L]

When would the second rule ever deploy, if all requests for /admin/blahblah have already been rewritten?

For security’s sake you should get in the habit of starting all rewrites with / slash. It's especially important in a subdirectory, where it becomes easy to forget that the RewriteBase is not the current directory (even though that's what the patterns use) but the overall document root: not example.com/extra/ but just /example.com/

RewriteRule ^es/$ index.php?lang=es [QSA,L]
RewriteRule ^en/$ index.php?lang=en [QSA,L]
RewriteRule ^de/$ index.php?lang=de [QSA,L]
RewriteRule ^fr/$ index.php?lang=fr [QSA,L]
RewriteRule ^it/$ index.php?lang=it [QSA,L]
RewriteRule ^pt/$ index.php?lang=pt [QSA,L]
RewriteRule ^ru/$ index.php?lang=ru [QSA,L]
RewriteRule ^tr/$ index.php?lang=tr [QSA,L]
RewriteRule ^zh/$ index.php?lang=zh [QSA,L]

All this could easily be expressed as a single rule:

RewriteRule ^(e[ns]|de|fr|it|pt|ru|tr|zh)/$ index.php?lang=$1 [QSA,L]

^([^\/]+)(\/|)$

The slash / doesn’t need to be escaped inside grouping brackets, or anywhere else in mod_rewrite. And what’s that lone | doing right at the end? Did something get edited-out again?
</tangent>

Hello Dear All,
First, I would like to thank @phranque @not2easy @lucy24 all for your reply, and yes please you can edit the post if I type something wrong which breaks the forum guideline and I apologize to that. and another thing is I'm sorry for my late reply since I'm living outside the USA and I have a timeframe difference.

Ok, I add the above rules to my root domain .htaccess file.

Replace This

 RewriteCond %{HTTP_HOST} !^www\. [NC]
 RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L] 

With

RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L] 

Now, what happened is https://www.example.com/en/new-portals/admin/ loads just fine and I get the login screen,

https://ibb.co/F4Wbrrf
https://ibb.co/L9dxYcT

however, when entering the login credentials and hit enter page refresh and I get a blank page but I don't see the admin panel.

This is the code I see inside the index.php in

https://www.example.com/en/new-portals/admin/

<?php 
$http_header = 'http://';
if (!empty($_SERVER['HTTPS'])) {
 $http_header = 'https://';
}
$this_url = $http_header . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

$this_url = str_replace('admin-panel', 'admin', $this_url);
header("Location: $this_url");
exit();
?>

And also another file inside that directory called page_load.php

<?php
//-->
if (@$_COOKIE["_admin_user"]!='') {
if (IS_LOGGED_DATA($_COOKIE["_admin_user"])) {
echo 'EE_NO_ADMIN';
@header("Location:./logout");
}
}else{
//-->
}
//-->
$page = 'dashboard';
if (!empty($_GET['page'])) {
 $page = PHP_Secure($_GET['page']);
}
//-->
$load_header = '';
$page_loaded = '';
$pages = array(
 'logout', 
 'dashboard', 
 'plugins', 
 'upload_plugin', 
 'ads', 
 'server', 
 'settings', 
 'urls',
 'report',
 'comments',
 'blogs',
 'documentation',
 'user'
);

//-->
if (@$_COOKIE["_admin_user"]!='') {
if (in_array($page, $pages)) {

$fichero_sistem = PHP_File_admin_system($page);

if (file_exists($fichero_sistem)) {
require_once $fichero_sistem;
} else {

}
//--> Header
$load_header = PHP_AdminLoadPage("header/content");
$page_loaded = PHP_AdminLoadPage("$page/content");
}else{
$page_loaded = PHP_AdminLoadPage("error/content");
} 
}else{
require_once 'system_php/page_login.php';
$page_loaded = PHP_AdminLoadPage("login/content");
}
?> 

The rest of the file inside is just for the control panel general files.

CMS loads fine inside the subdirectory main page subpages working just fine but the only issue is that admin panel loading blank.

Earlier I pasted only a few lines of my root domain .htaccess file and here is the full one.

<IfModule mod_rewrite.c>
 #Enable URL rewriting
 RewriteEngine On

 RewriteCond %{HTTP_HOST} !^(www\.example\.com)?$
 RewriteRule (.*) http://www.example.com/$1 [R=301,L] 

 #RewriteCond %{HTTP_HOST} !^www\. [NC]
 #RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
 
 #Replace [yourdomain] (including the brackets!) with your domain name to redirect 'www' subdomain to root domain
 #RewriteCond %{HTTP_HOST} ^www\.[yourdomain]\.com
 #RewriteRule (.*) http://[yourdomain].com/$1 [R=301,L] 
 
 #Change this to the _relative path_ of your app root directory (folder that contains your app files). 
 #Don't include the url protocol and domain!
 #For example, the value '/VideoConverter-Linux-SVN/' is valid for an app url of 'http://www.yoursite.com/VideoConverter-Linux-SVN/'.
 #Comment out this line or set value to '/' if your app files are directly in the web root.
 RewriteBase /
 
 #Rewrite conditions for "pretty" direct-to-conversion URLs
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteCond %{REQUEST_FILENAME} !-f
 
 #Rewrite rule for "pretty" direct-to-conversion URLs
 #Add more video hosting site abbreviations and/or file types as needed (See Config class file for valid values)
 #If conversion software is in iframe, and parent frame file is in different directory, move this rewrite rule to parent frame directory's .htaccess file, AND
 #You may have to replace "index.php" with "http://www.yourdomain.com/index.php" (if parent frame file is in web root directory)
 RewriteRule ^(((yt|dm|vm|fb|mc|vk|sc|ig|al|rt|xv|ph|vv|gd|tw)/)(.+?)(/(mp3|aac|m4a|mp4|webm|f4v|3gp))?(/(128|256))?)$ index.php?vidHost=$3&vidID=$4&ftype=$6&quality=$8 [QSA,L,R]
 
 #Uncomment the following lines as instructed to redirect all http:// requests to https://
 #If using Cloudflare SSL, uncomment this line
 RewriteCond %{HTTP:CF-Visitor} {"scheme":"http"}
 #If NOT using Cloudflare SSL, uncomment this line
 #RewriteCond %{HTTPS} off
 #Always uncomment these lines
 RewriteCond %{REQUEST_URI} !(.mp3|.aac|.m4a|.mp4|.webm|.f4v|.3gp)$
 RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] 
</IfModule>

Edited:
I check google chrome for debugging I'm just trying to provide many details as possible to it is easy you all to understand what's happening. this may be not necessary but I just add a screenshot

https://ibb.co/PgM2HNZ

Thank you

The code I offered was based on the code that had been posted, that is the reason I asked whether the domain was intentionally using http: and not https: protocols. By using that one rule to only set the www. choice, that means that a chained redirect is built in anyway. The www and https can be handled in one rule but it is not. In addition it seems to be handled at different /directory/ levels as well. The flag at the end of that rule ([R=301,L] ) labels it as a permanent and final rewrite but of course, it is not.

The ideal situation has the root directory handling the protocols and passing on requests for files where they are. Keep in mind that the rules may need repeating (with RewriteBase /directory name/) in other directories that contain their own .htaccess file because canonical rules are not inherited in those directories. In this situation it seems that the protocols are being handled at more than one level. Do you notice many 302 or 301 responses n your access logs?

Access log:

162.xxx.xx.xx - - [05/May/2020:22:31:38 +0200] "GET / HTTP/1.1" 200 13340 "-" "Mozilla/5.0 (Linux; Android 8.1.0; K6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.117 Mobile Safari/537.36"
172.xx.xxx.xxx - - [05/May/2020:22:31:39 +0200] "POST /en/new-portals/admin/ HTTP/1.1" 500 4014 "https://www.example.com/en/new-portals/admin/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
172.xx.xxx.xx - - [05/May/2020:22:31:47 +0200] "GET / HTTP/1.1" 200 13210 "-" "Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-G975F Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.2 Chrome/67.0.3396.87 Mobile Safari/537.36"
162.xxx.xxx.xxx - - [05/May/2020:22:31:48 +0200] "GET /index.php?vidID=aA_kuFTV-P8'&vidHost=youtube'&ftype=mp3'&ccode=CN'\" HTTP/1.1" 200 13365 "-" "-"

In those lines the only troubling thing I see is this one:

"POST /en/new-portals/admin/ HTTP/1.1" 500

That 500 is telling you there is a misconfiguration error.

Yes, correct and I don't know how to find and fix it. :(

look for clues in the server error log file.

Apache Error log:

[Wed May 06 01:38:18.728273 2020] [php7:error] [pid 23691] [client 1xx.xx.xxx.xxx:11822] PHP Fatal error: Uncaught Error: Call to undefined function bcpow() in /home/example/public_html/en/new-portals/application/system/function_security.php:75\nStack trace:\n#0 /home/example/public_html/en/new-portals/admin-panel/system_php/page_login.php(33): PHP_Crypt_code('573153446184435')\n#1 /home/example/public_html/en/new-portals/admin-panel/pages_load.php(53): require_once('/home/example...')\n#2 /home/example/public_html/en/new-portals/access.php(11): require('/home/example...')\n#3 {main}\n thrown in /home/example/public_html/en/new-portals/application/system/function_security.php on line 75, referer: https://www.example.com/en/new-portals/admin/

PHP Fatal error...
... in /home/example/public_html/en/new-portals/application/system/function_security.php on line 75 ...

yes - that's what you'll have to debug...

I will try and see. Thank you :)

@phranque I found the issue it was my PHP extensions some ext. missing "bcmath" so I installed it

sudo apt install php7.4-bcmath

now the blank page issue is gone however admin page not loading taking me to

https://www.example.com/en

and in there giving me "Forbidden
You don't have permission to access this resource."

Any help?

I tried this on my root domain and everything is perfectly working admin panel loading fine but my target it to install in on a subdirectory eg.

 en/new-portal

or any other directory

If at all possible, try to log your headers during the attempt to get to your log-in page because it appears that there are multiple rewrite rules and then additional scripts that repeat the same actions based on cookies - but I am not certain of any of this.

The Apache forum is a great place to get assistance with your htaccess configuration but this looks like it is intended to be handled by the PHP script of your CMS. PHP doesn't work like javascript, it is server-side so if the same 'page' (script) is coming back around due to a redirect/rewrite it isn't going to do what it was written to do. Look for an error telling you that 'headers were already sent'.

I would try to examine the PHP error logs, your raw access logs and the live headers if possible to see where these different components are being triggered. Does the CMS offer any instructions that help you avoid duplicate efforts? It just does not make sense to use multiple methods to handle your canonical rewrite and it definitely should not be the first rule listed but it clearly is incomplete as written.

Found the issue, it was PHP issue currently my root domain uses mod_php and it is not compatible with my 2nd CMS for some reason. When I change execution mode to FastCGI things start to work normally. I really don't know what is going on there but I'm glad that things are working the way I want now and I can live with that :)

Thank you again for your support

Stay Safe All.

Very happy to hear you have it worked out. Good luck!

Thank you always :)

Another happy ending! (I do love those!)

@tangor Thank you :)