Options -Indexes
<FilesMatch "^(wp-config\.php|\.htaccess|readme\.html|license\.txt)$">
Require all denied
</FilesMatch>
<Files xmlrpc.php>
Require all denied
</Files>
<Files wp-login.php>
Require all denied
</Files>

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /nare/

# Custom login access
RewriteRule ^secure-portal-9x7k/?$ /nare/secret-access.php [L]

# Block user enumeration
RewriteCond %{QUERY_STRING} author=\d
RewriteRule ^ /nare/? [L,R=301]

# Fallback redirect for old uploads path
RewriteRule ^wp-content/uploads/(.*)$ /nare/wp-content/assets/$1 [L,R=301]

RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /nare/index.php [L]
</IfModule>
# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php82” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php82 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
