# Leverage Browser Caching by SG-Optimizer
<IfModule mod_expires.c>
    ExpiresActive on
  # CSS
    ExpiresByType text/css                              "access plus 1 year"
  # JavaScript
    ExpiresByType application/javascript                "access plus 1 year"
    ExpiresByType application/x-javascript              "access plus 1 year"
  # Manifest files
    ExpiresByType application/x-web-app-manifest+json   "access plus 0 seconds"
    ExpiresByType text/cache-manifest                   "access plus 0 seconds"
  # Media
    ExpiresByType audio/ogg                             "access plus 1 year"
    ExpiresByType image/gif                             "access plus 1 year"
    ExpiresByType image/jpg                             "access plus 1 year"
    ExpiresByType image/jpeg                            "access plus 1 year"
    ExpiresByType image/png                             "access plus 1 year"
    ExpiresByType image/svg                             "access plus 1 year"
    ExpiresByType image/svg+xml                         "access plus 1 year"
    ExpiresByType video/mp4                             "access plus 1 year"
    ExpiresByType video/ogg                             "access plus 1 year"
    ExpiresByType video/webm                            "access plus 1 year"
    ExpiresByType image/x-icon                          "access plus 1 year"
    ExpiresByType application/pdf                       "access plus 1 year"
    ExpiresByType application/x-shockwave-flash         "access plus 1 year"
  # XML
    ExpiresByType text/xml                              "access plus 0 seconds"
    ExpiresByType application/xml                       "access plus 0 seconds"
  # Web feeds
    ExpiresByType application/atom+xml                  "access plus 1 hour"
    ExpiresByType application/rss+xml                   "access plus 1 hour"
  # Web fonts
    ExpiresByType application/font-woff                 "access plus 1 year"
    ExpiresByType application/font-woff2                "access plus 1 year"
    ExpiresByType application/vnd.ms-fontobject         "access plus 1 year"
    ExpiresByType application/x-font-ttf                "access plus 1 year"
    ExpiresByType font/opentype                         "access plus 1 year"
</IfModule>
# END LBC





# GZIP enabled by SG-Optimizer
<IfModule mod_deflate.c>
    <IfModule mod_filter.c>
       AddOutputFilterByType DEFLATE "application/atom+xml" \
          "application/javascript" \
          "application/json" \
          "application/ld+json" \
          "application/manifest+json" \
          "application/rdf+xml" \
          "application/rss+xml" \
          "application/schema+json" \
          "application/vnd.geo+json" \
          "application/vnd.ms-fontobject" \
          "application/x-font-ttf" \
          "application/x-javascript" \
          "application/x-web-app-manifest+json" \
          "application/xhtml+xml" \
          "application/xml" \
          "font/eot" \
          "font/opentype" \
          "image/bmp" \
          "image/svg+xml" \
          "image/vnd.microsoft.icon" \
          "image/x-icon" \
          "text/cache-manifest" \
          "text/css" \
          "text/html" \
          "text/javascript" \
          "text/plain" \
          "text/vcard" \
          "text/vnd.rim.location.xloc" \
          "text/vtt" \
          "text/x-component" \
          "text/x-cross-domain-policy" \
          "text/xml"
    </IfModule>
</IfModule>
# END GZIP
# BEGIN LSCACHE
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
<IfModule LiteSpeed>
RewriteEngine on
CacheLookup on
RewriteRule .* - [E=Cache-Control:no-autoflush]
RewriteRule litespeed/debug/.*\.log$ - [F,L]
RewriteRule \.litespeed_conf\.dat - [F,L]

### marker ASYNC start ###
RewriteCond %{REQUEST_URI} /wp-admin/admin-ajax\.php
RewriteCond %{QUERY_STRING} action=async_litespeed
RewriteRule .* - [E=noabort:1]
### marker ASYNC end ###

### marker MOBILE start ###
RewriteCond %{HTTP_USER_AGENT} Mobile|Android|Silk/|Kindle|BlackBerry|Opera\ Mini|Opera\ Mobi [NC]
RewriteRule .* - [E=Cache-Control:vary=%{ENV:LSCACHE_VARY_VALUE}+ismobile]
### marker MOBILE end ###

### marker WEBP start ###
RewriteCond %{HTTP_ACCEPT} "image/webp"
RewriteRule .* - [E=Cache-Control:vary=%{ENV:LSCACHE_VARY_VALUE}+webp]
RewriteCond %{HTTP_USER_AGENT} iPhone.*Version/(\d{2}).*Safari
RewriteCond %1 >13
RewriteRule .* - [E=Cache-Control:vary=%{ENV:LSCACHE_VARY_VALUE}+webp]
RewriteCond %{HTTP_USER_AGENT} Firefox/([0-9]+)
RewriteCond %1 >=65
RewriteRule .* - [E=Cache-Control:vary=%{ENV:LSCACHE_VARY_VALUE}+webp]
### marker WEBP end ###

### marker DROPQS start ###
CacheKeyModify -qs:fbclid
CacheKeyModify -qs:gclid
CacheKeyModify -qs:utm*
CacheKeyModify -qs:_ga
### marker DROPQS end ###

</IfModule>
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
# END LSCACHE
# BEGIN NON_LSCACHE
## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
### marker BROWSER CACHE start ###
<IfModule mod_expires.c>
ExpiresActive on
ExpiresByType application/pdf A31557600
ExpiresByType image/x-icon A31557600
ExpiresByType image/vnd.microsoft.icon A31557600
ExpiresByType image/svg+xml A31557600

ExpiresByType image/jpg A31557600
ExpiresByType image/jpeg A31557600
ExpiresByType image/png A31557600
ExpiresByType image/gif A31557600
ExpiresByType image/webp A31557600
ExpiresByType image/avif A31557600

ExpiresByType video/ogg A31557600
ExpiresByType audio/ogg A31557600
ExpiresByType video/mp4 A31557600
ExpiresByType video/webm A31557600

ExpiresByType text/css A31557600
ExpiresByType text/javascript A31557600
ExpiresByType application/javascript A31557600
ExpiresByType application/x-javascript A31557600

ExpiresByType application/x-font-ttf A31557600
ExpiresByType application/x-font-woff A31557600
ExpiresByType application/font-woff A31557600
ExpiresByType application/font-woff2 A31557600
ExpiresByType application/vnd.ms-fontobject A31557600
ExpiresByType font/ttf A31557600
ExpiresByType font/otf A31557600
ExpiresByType font/woff A31557600
ExpiresByType font/woff2 A31557600

</IfModule>
### marker BROWSER CACHE end ###

## LITESPEED WP CACHE PLUGIN - Do not edit the contents of this block! ##
# END NON_LSCACHE
# BEGIN WordPress
# Las directivas (líneas) entre "BEGIN WordPress" y "END WordPress" son
# generadas dinámicamente y solo deberían ser modificadas mediante filtros de WordPress.
# Cualquier cambio en las directivas que hay entre esos marcadores serán sobrescritas.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

# Block the include-only files - scripts que otros usuarios no pueden acceder a través de mod_rewrite. 
RewriteEngine On 
RewriteBase / 
RewriteRule ^wp-admin/includes/ - [F,L] 
RewriteRule !^wp-includes/ - [S=3] 
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L] 
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L] 
RewriteRule ^wp-includes/theme-compat/ - [F,L] 

#Bloqueo para WordPress contra ataques wp-login en .htaccess
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_METHOD} =POST
RewriteCond %{REQUEST_URI} ^/wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^/wp-admin$
</IfModule>

#Bloquear robots maliciosos
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule .* - [F]


#README OCULTAR
#Eliminar ficheros de licencia o el acceso
<Files readme.html>
  Deny from all
</Files>

#bloquear los accesos al propio fichero .htaccess.

<files .htaccess> 
order allow,deny 
deny from all 
</files> 

#Impedir indexación y exploración de directorios

Options -Indexes

#Deshabilitar XML-RPC

<Files xmlrpc.php>
   order deny,allow
   deny from all
</Files>

<files license.txt>
  deny from all
</files>

#Begin Really Simple Security
Options -Indexes
#End Really Simple Security
# BEGIN WordPress 

#Para evitar que algunos códigos maliciosos intenten esconderse bajo nombres como xxxxxx.php.jpg , añada las líneas: 
<FilesMatch "\.(php|php\.)(.+)(\w|\d)$"> 
Order Allow,Deny 
Deny from all 
</FilesMatch> 

#Bloquear los accesos a varias extensiones
<FilesMatch "\.(htaccess|htpasswd|ini|phps|fla|psd|log|sh)$">
Order Allow,Deny
Deny from all
</FilesMatch>

#Disfrazar la extensión de los archivos
AddType application/x-httpd-php .foo

# BEGIN cPanel-generated php ini directives, do not edit
# Manual editing of this file may result in unexpected behavior.
# To make changes to this file, use the cPanel MultiPHP INI Editor (Home >> Software >> MultiPHP INI Editor)
# For more information, read our documentation (https://go.cpanel.net/EA4ModifyINI)
<IfModule php8_module>
   php_flag display_errors Off
   php_value max_execution_time 3600
   php_value max_input_time 3600
   php_value max_input_vars 3000
   php_value memory_limit 1024M
   php_value post_max_size 2G
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
   php_value upload_max_filesize 2G
   php_flag zlib.output_compression Off
</IfModule>
<IfModule lsapi_module>
   php_flag display_errors Off
   php_value max_execution_time 3600
   php_value max_input_time 3600
   php_value max_input_vars 3000
   php_value memory_limit 1024M
   php_value post_max_size 2G
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php83"
   php_value upload_max_filesize 2G
   php_flag zlib.output_compression Off
</IfModule>
# END cPanel-generated php ini directives, do not edit

# SGO Unset Vary
  Header unset Vary
# SGO Unset Vary END

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php83” package as the default “PHP” programming language.
<IfModule mime_module>
  AddHandler application/x-httpd-ea-php83 .php .php8 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
