After reading this article https://wpsecurity.net/155-reasons-w...tter-security/ I thought of sharing with you a sample .htaccess file I have created and use myself for my WordPress blogs to enhance their on-page search engine optimization and security.
If you want to use it, feel free, but under your own responsibility. Comments are also appreciated.
Here comes the code (3 posts long):
### Turning on the RewriteEngine ####
RewriteEngine on
RewriteBase /
ServerSignature Off
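# Note: Apache 2.4 rejects an Options line that mixes +/- prefixed options with bare ones such as All
Options All -Indexes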
Options +FollowSymLinks
Options -MultiViews
# BEGIN wordpress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END wordpress
### If you use a mobile version plugin ###
RewriteCond %{HTTP_USER_AGENT} !^.+(iPhone|iPod|aspen|dream|incognito|webmate|BlackBerry9500|BlackBerry9530)
### Require the www to avoid canonicalization issues by Dan ###
RewriteCond %{HTTP_HOST} !^www\.wordpressdemo\.com [NC]
RewriteRule ^(.*)$ http://www.wordpressdemo.com/$1 [L,R=301]
### Require to add trailing slash if not present to avoid canonicalization issues ###
RewriteCond %{HTTP_HOST} !^www\.wordpressdemo\.com [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/(.*) http://www.wordpressdemo.com/$1 [L,R]
### Redirect index.html to / ######
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*index\.html?\ HTTP/
RewriteRule ^(.*)index\.html?$ http://www.wordpressdemo.com/$1 [R=301,L]
### Redirect index.htm to / ######
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*index\.htm?\ HTTP/
RewriteRule ^(.*)index\.htm?$ http://www.wordpressdemo.com/$1 [R=301,L]
### Redirect index.php to / ######
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /.*index\.php?\ HTTP/
RewriteRule ^(.*)index\.php?$ http://www.wordpressdemo.com/$1 [R=301,L]
<FilesMatch "robots\.txt">
Header set X-Robots-Tag "noindex"
</FilesMatch>
<FilesMatch "\.(js|xml)$">
Header set X-Robots-Tag "noindex,follow,noarchive,nosnippet"
</FilesMatch>
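### Set the Server Administrator. Email Admin upon error ###
# Note: this overrides the earlier "ServerSignature Off" and puts the signature footer (with a mailto: link) back on server-generated pages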
ServerSignature EMail
SetEnv SERVER_ADMIN info@wordpressdemo.com
### Set the server timezone ###
SetEnv TZ America/Los_Angeles
### Enable MD5 digests via ContentDigest ###
ContentDigest On
### Charset, Content Type & Language ###
AddDefaultCharset UTF-8
AddLanguage en-US .html .htm .css .js .php .pl
AddType 'text/html; charset=UTF-8' .html
### Remove IE imagetoolbar. META HTTP-EQUIV REPLACEMENTS ####
<FilesMatch "\.(html|htm|php)$">
Header set Imagetoolbar "no"
</FilesMatch>
########## Files Compression ##########
#<FilesMatch "\.(html|js|css|png|jpeg|jpg|gif|php)$">
# SetOutputFilter DEFLATE
#</FilesMatch>
<FilesMatch "\.(txt|xml)$">
Header set X-Robots-Tag "noindex,follow,noarchive,nosnippet"
</FilesMatch>
### Rules to save bandwidth ###
SetEnvIfNoCase ^If-Modified-Since$ "(.+)" HTTP_IF_MODIFIED_SINCE=$1
SetEnvIfNoCase ^If-None-Match$ "(.+)" HTTP_IF_NONE_MATCH=$1
### Expires Headers to Images ###
ExpiresActive On
ExpiresByType image/gif A2592000
ExpiresByType image/png A2592000
ExpiresByType image/jpg A2592000
ExpiresByType image/jpeg A2592000
##### Security settings #####
### Limit upload file size to protect against DoS attacks. LimitRequestBody accepts 0-2147483647 bytes (2GB); 10240000 is roughly 10 MB ###
LimitRequestBody 10240000
php_flag register_globals off
### Prevent .htaccess, .htpasswd and other files from being viewed by web clients ###
<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
Order Allow,Deny
Deny from all
</FilesMatch>
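An added example, not part of the original post: a small Python check that pulls every `<FilesMatch>` deny block out of an .htaccess and tests its pattern against the file names it is meant to protect. A stray space inside the pattern, which is easy to pick up when rules are copied from a forum page, makes the block match nothing. Python's `re` stands in for Apache's PCRE here (an assumption that holds for simple patterns like these), and the sample text, file names and function names are constructed for illustration.

```python
import re

# Constructed sample: the same deny block twice, once with a stray space
# before "$" and once without it.
SAMPLE_HTACCESS = r'''
<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh) $">
Order Allow,Deny
Deny from all
</FilesMatch>
<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
Order Allow,Deny
Deny from all
</FilesMatch>
'''

# File names the deny block is expected to cover (constructed).
MUST_BE_COVERED = [".htaccess", ".htpasswd", "php.ini", "error.log", "backup.sh"]

BLOCK_RE = re.compile(r'<FilesMatch\s+"([^"]+)"\s*>(.*?)</FilesMatch>', re.S | re.I)
DENY_RE = re.compile(r'^\s*(Deny\s+from\s+all|Require\s+all\s+denied)\s*$', re.I | re.M)


def deny_patterns(htaccess_text):
    """Return the regex of every <FilesMatch> block that denies all access."""
    return [pattern for pattern, body in BLOCK_RE.findall(htaccess_text)
            if DENY_RE.search(body)]


def audit(htaccess_text, names):
    """Map each deny pattern to the names it fails to match.

    Apache applies a FilesMatch regex to the file's base name as an
    unanchored search, which re.search reproduces.
    """
    report = {}
    for pattern in deny_patterns(htaccess_text):
        rx = re.compile(pattern)
        report[pattern] = [n for n in names if not rx.search(n)]
    return report


if __name__ == "__main__":
    for pattern, missed in audit(SAMPLE_HTACCESS, MUST_BE_COVERED).items():
        status = "OK" if not missed else "MISSES " + ", ".join(missed)
        print(f"{pattern!r}: {status}")
```

A pattern that misses every expected name means those files are served like any other static file, so the same check is worth repeating with a real request against a staging copy of the site.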