<IfModule mod_rewrite.c>
RewriteEngine On

# ----------------------------------------
# Force HTTPS + canonical domain
# ----------------------------------------
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP:X-Forwarded-SSL} !on
RewriteCond %{HTTP_HOST} ^www\.posscales\.com\.au$ [NC]
RewriteRule ^(.*)$ https://posscales.com.au/$1 [R=301,L]

RewriteCond %{HTTP_HOST} ^posscales\.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www\.posscales\.com$ [NC]
RewriteRule ^(.*)$ https://posscales.com.au/$1 [R=301,L]

RewriteCond %{HTTP_HOST} ^posscales\.net$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www\.posscales\.net$ [NC]
RewriteRule ^(.*)$ https://posscales.com.au/ [R=301,L]

# Phones subdomains → redirect to main domain
RewriteCond %{HTTP_HOST} ^(www\.)?phones\.posscales\.com(\.au)?$ [NC]
RewriteRule ^(.*)$ https://posscales.com.au/$1 [R=302,L]

# ----------------------------------------
# Root → WP-POS
# ----------------------------------------
RewriteCond %{REQUEST_URI} ^/$
RewriteRule ^$ WP-POS/index.php [L]
</IfModule>

# ----------------------------------------
# Security Hardening
# ----------------------------------------
<files wp-config.php>
order allow,deny
deny from all
</files>

<files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</files>

# Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

## BEGIN block author scans
<IfModule mod_rewrite.c>
RewriteCond %{QUERY_STRING} (author=\d+) [NC]
RewriteRule .* - [F]
</IfModule>
## END block author scans

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php8_module>
   php_flag display_errors On
   php_value max_execution_time 360
   php_value max_input_time 120
   php_value max_input_vars 3000
   php_value memory_limit 128M
   php_value post_max_size 8M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php84"
   php_value upload_max_filesize 64M
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag display_errors On
   php_value max_execution_time 360
   php_value max_input_time 120
   php_value max_input_vars 3000
   php_value memory_limit 128M
   php_value post_max_size 8M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php84"
   php_value upload_max_filesize 64M
   php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php84” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php84 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit