Was getting 500 errors whenever attempting to access a non-existent file located within wp-content/, wp-admin/ or wp-includes/ for a multisite — in my case, this was due to an upload that no longer existed (so a fairly easy thing to trigger). Hunting around on the web lead to no useful results at the time, so I dug into the htacess file, and found all of the problems to center around this line:
RewriteRule ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) $2 [L]
The problem with the line is a mismatch between what is intended, and what is written. The intent of the line is to redirect any subsite's (be it subfolder or subdomain) wp-content/, wp-admin/ and/or wp-includes/ folder to the top-level one (the only one that exists on a propr multisite install). The problem is: It would also be willing to forward the top-level wp-content/, wp-admin/ and/or wp-includes/ folder to itself indefinitely. This would normally happen for any access, but lines above it prevent the bug from showing in most cases — so long as the target folder or file exists.
But why does the top-level wp-content/, wp-admin/ and/or wp-includes/ even need to redirect itself to itself? It doesn't. It only needs to redirect if it is logically contained within some other folder. And so, if you change that bolded ? to a +, you'll find the mysterious 500 error goes away.
Now, I can't say that this has no edge cases, I just can't think of any — nor have I triggered any through my use of this "fix". Let me know if this does (or does not) work for you.
The above is true for sites using subfolders, but a similar issue exists for subdomain-based multisites. The afflicted code:
RewriteRule ^(wp-(content|admin|includes).*) $1 [L]
Really, this shouldn't even exist. All it states is: "If given a url that starts with wp-content/, wp-admin/ and/or wp-includes/, redirect it to iself". Thich is literally the definition of a redirect loop. It shouldn't exist on a subdomain-based multisite: Each subdomain acts as it is has its own top-level folders, so the URIs will naturally be rooted at the top-level. I opted to use my solution from above — but really, the entire line is useless.
The line following has a similar issue:
RewriteRule ^(.*\.php)$ $1 [L]
It states: "If given the URI to a php file, redirect to that URI". How unhelpful. At least under Apache, this gets caught quickly and turned into a server-based 404, but I'd prefer a WordPress-based 404 (for consistency). To do that, remove the line from the htaccess file. Or, change it to this:
RewriteRule ^([_0-9a-zA-Z-]+/)+(.*\.php)$ $2 [L]