All sorts of .htaccess fixes, redirects and security related settings
# Front controller rewrite.
# A request that does not resolve to an existing file (-f) or directory (-d)
# is handed to index.php; anything that does exist on disk is served directly.
# Because existing files bypass index.php, include files, configuration and
# backups under the document root stay directly requestable unless they are
# denied separately or stored outside the document root.
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# [L] ends the current rewrite pass; [NC] has nothing to act on because the
# pattern contains no letters.
RewriteRule ^.*$ index.php [L,NC]
# Ensure we are using HTTPS: a request that did not arrive over TLS is sent a
# permanent redirect to the same host and path on https://.
# %{HTTP_HOST} is the Host header supplied by the client, so the redirect
# target follows whatever host name the request carried.
# NOTE(review): if TLS is terminated on a proxy or load balancer in front of
# Apache, %{HTTPS} may never be "on" here and this rule would redirect forever
# - confirm against the deployment.
# NOTE(review): the redirect only protects requests after the first one; an
# HSTS response header on the HTTPS side is what keeps returning browsers off
# plain HTTP.
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Ensure all URLs have a trailing slash.
# Requests that are not an existing file and whose URI does not already end in
# "/" are permanently redirected to the same path with "/" appended.
# NOTE(review): the target is a hard-coded http:// URL. On a site that also
# forces HTTPS this sends the visitor over cleartext for one hop before the
# HTTPS redirect applies; use the https:// form of the canonical host there.
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_URI} !(.*)/$
RewriteRule ^(.*)$ http://www.example.com/$1/ [L,R=301]
# Apache standard settings.
# ServerSignature Off removes the server-generated footer line (server name
# and version) from error pages and other generated documents.
# The "Server:" response header is governed by ServerTokens, which is a
# server-level directive and cannot be set from .htaccess.
ServerSignature Off
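# PHP standard settings.
# These directives exist only when PHP runs as an Apache module. Under CGI or
# PHP-FPM they are unknown to Apache and the request fails with a server
# error; use .user.ini or the pool configuration there instead.
# php_flag is the directive for boolean settings (php_value is for the rest).
# Errors are kept out of responses so paths, queries and stack traces are not
# disclosed to visitors; keep log_errors enabled so failures are still recorded.
php_flag display_errors off
php_flag display_startup_errors off
# expose_php can only be changed in php.ini, so a per-directory override has
# no effect. Set "expose_php = Off" in php.ini to drop the X-Powered-By header.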
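# Standard canonical fixes: send the bare domain and explicit index requests
# to the www host with a permanent redirect.
RewriteEngine on
# Dots are escaped so they match a literal "." instead of any character, and
# the host is anchored at both ends; [NC] because host names are
# case-insensitive.
RewriteCond %{HTTP_HOST} ^domain\.tld$ [NC]
RewriteRule (.*) http://www.domain.tld/$1 [R=301,L]
# [L] added so no later rule can rewrite a request that is already being
# redirected.
RewriteRule ^index\.php$ http://www.domain.tld/ [R=301,L]
RewriteRule ^index\.html$ http://www.domain.tld/ [R=301,L]
# NOTE(review): the targets are http://; where HTTPS is enforced use https://
# so the canonical redirect does not add a cleartext hop.
# NOTE(review): combined with a front controller that rewrites internally to
# index.php, the index.php rule can redirect in a loop - test before deploying
# both together.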
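# Subdirectory as root: a request for the site root on domain.tld (with or
# without the www. prefix) is internally rewritten to "folder".
RewriteEngine On
# Dots escaped so the condition matches only the literal host names; unescaped
# they matched any character in those positions.
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.tld$ [NC]
RewriteRule ^(/)?$ folder [L]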
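# Temporary maintenance page with one allowlisted IP (disabled by default;
# remove the leading "#" from the directive lines to enable).
# Changes from the earlier version of this snippet:
#  - the redirect target now matches the page named in the first condition;
#    the misspelt target was not excluded by that condition and would have
#    redirected to itself repeatedly.
#  - the client address is read from REMOTE_ADDR; REMOTE_HOST can hold a
#    resolved host name instead of an address.
#  - the address pattern is anchored at both ends so it cannot also match
#    longer addresses that merely start with the same digits.
# Behind a reverse proxy REMOTE_ADDR is the proxy's address, not the visitor's.
#Options +FollowSymlinks
#RewriteEngine on
#RewriteCond %{REQUEST_URI} !/maintenancePage\.php$
#RewriteCond %{REMOTE_ADDR} !^000\.000\.000\.000$
#RewriteRule ^ /maintenancePage.php [R=302,L]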
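# 301 marketing forward: /shortcut is permanently redirected to the target URL.
# Redirect is a mod_alias directive and takes no mod_rewrite flags; the
# trailing "[R=301,L]" was an extra argument that makes Apache reject the
# line. "permanent" already selects status 301.
Redirect permanent /shortcut http://www.domain.tld/file.php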
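# 301 page moved: permanently redirect one path to another URL.
# Redirect is a mod_alias directive and takes no mod_rewrite flags; the
# trailing "[R=301,L]" was an extra argument that makes Apache reject the
# line. "permanent" already selects status 301.
# NOTE(review): as written this sends /newpage.php to oldpage.php, which looks
# reversed for a "page moved" redirect - confirm the intended direction.
Redirect permanent /newpage.php http://www.domain.tld/oldpage.php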
# 404 page not found: serve a custom document for missing resources.
# A local path keeps the 404 status on the response; a full URL here would
# turn the response into a redirect instead.
# ".ext" looks like a placeholder for the real file extension - confirm.
ErrorDocument 404 /page_not_found.ext
# Apache example caching: set Expires / Cache-Control max-age per content type.
# The section is skipped when mod_expires is not loaded.
<IfModule mod_expires.c>
ExpiresActive On
# Images, stylesheets and scripts: cacheable for one week from the time of
# the request ("access").
ExpiresByType image/gif "access plus 1 week"
ExpiresByType image/jpeg "access plus 1 week"
ExpiresByType image/png "access plus 1 week"
ExpiresByType text/css "access plus 1 week"
ExpiresByType text/javascript "access plus 1 week"
ExpiresByType application/javascript "access plus 1 week"
ExpiresByType application/x-javascript "access plus 1 week"
# Map .ico to its MIME type so the rule below applies to favicons.
AddType image/vnd.microsoft.icon .ico
ExpiresByType image/vnd.microsoft.icon "access plus 3 months"
</IfModule>
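# Apache example GZIP compression.
# The guard names mod_deflate, the module that provides the DEFLATE filter.
# It previously tested mod_expires, so the directives could run on a server
# without mod_deflate, or be skipped on one that has it.
# NOTE(review): compressing dynamic text/html over TLS is the precondition for
# compression side-channel attacks of the BREACH kind when a page contains
# both a secret (for example a CSRF token) and request-controlled text.
# Consider limiting compression to static types for such pages.
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE text/javascript
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
</IfModule>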
# Disable ETag: no ETag header is generated for static files.
# Depending on version and configuration, Apache builds ETags from file
# attributes (inode, modification time, size); turning them off avoids
# exposing those values and mismatches between servers in a cluster.
FileETag none
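# Block PHP include files (*.inc.php) from being requested directly.
# Two syntaxes are given so the rule works on both Apache generations:
# Apache 2.4 uses "Require" (mod_authz_core); "Order/Deny" is the 2.2 form and
# on 2.4 is available only through mod_access_compat.
# Storing include files outside the document root is the stronger control;
# this rule is the fallback when that is not possible.
<FilesMatch "\.inc\.php$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>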
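# PHP settings.
# These directives exist only when PHP runs as an Apache module. Under CGI or
# PHP-FPM they are unknown to Apache and the request fails with a server
# error; use .user.ini or the pool configuration there instead.
# php_flag is the directive for boolean settings (php_value is for the rest).
# Errors are kept out of responses so paths, queries and stack traces are not
# disclosed to visitors; keep log_errors enabled so failures are still recorded.
php_flag display_errors off
php_flag display_startup_errors off
# expose_php can only be changed in php.ini, so a per-directory override has
# no effect. Set "expose_php = Off" in php.ini to drop the X-Powered-By header.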
# Apache settings.
# ServerSignature Off removes the server name/version footer from
# server-generated pages such as error documents.
ServerSignature Off
# AcceptPathInfo off: a request with extra path segments after a real file
# (for example /page.php/extra) is rejected with 404 instead of being passed
# to the script with the trailing part as PATH_INFO.
AcceptPathInfo off
# No ETag header is generated for static files.
FileETag none
# 404 handling: serve /page_not_found.php for missing resources.
# Because the target is a local path, Apache serves it internally and the
# response keeps its 404 status; it is not an HTTP redirect.
ErrorDocument 404 /page_not_found.php
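# Block include files (*.inc.php) from being requested directly.
# Two syntaxes are given so the rule works on both Apache generations:
# Apache 2.4 uses "Require" (mod_authz_core); "Order/Deny" is the 2.2 form and
# on 2.4 is available only through mod_access_compat.
# Storing include files outside the document root is the stronger control;
# this rule is the fallback when that is not possible.
<FilesMatch "\.inc\.php$">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
    </IfModule>
</FilesMatch>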
# Keep at bottom of file - serves /pagename.php for requests to /pagename.
# Applies only when the request is neither an existing directory nor an
# existing file, and only to paths that contain no dot.
# No condition checks that the resulting .php file exists, so an unknown name
# ends as a 404 for "<name>.php".
Options +FollowSymlinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
# [^\.]+ captures a dot-free path; [L] ends this rewrite pass.
RewriteRule ^([^\.]+)$ $1.php [NC,L]
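# No directory browsing: a directory without an index file returns 403
# instead of an auto-generated listing.
# Only Indexes is switched off. The earlier "Options All -Indexes" also turned
# on every other option (ExecCGI and Includes among them), and Apache 2.4
# rejects a line that mixes signed and unsigned options.
Options -Indexes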
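# Ban IPs example: everyone is allowed except the listed addresses.
# The rules are no longer wrapped in <Limit GET POST>. Inside that container
# the ban applied to the named methods only, so a request from a listed
# address using any other method was not blocked.
# Apache 2.4 uses "Require" (mod_authz_core); "Order/Allow/Deny" is the 2.2
# form and on 2.4 is available only through mod_access_compat.
# NOTE(review): the addresses are kept exactly as given; the zero-padded octet
# ("090") should be written without padding to avoid parser ambiguity.
# Behind a reverse proxy Apache sees the proxy's address, not the client's.
<IfModule mod_authz_core.c>
    <RequireAll>
        Require all granted
        Require not ip 202.090.21.1
        Require not ip 204.090.21.2
    </RequireAll>
</IfModule>
<IfModule !mod_authz_core.c>
    Order allow,deny
    Allow from all
    Deny from 202.090.21.1
    Deny from 204.090.21.2
</IfModule>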
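# Protect .htaccess and related files from being requested.
# The pattern still covers every name containing ".hta" (any case) and now
# also names that start with ".ht", so credential files such as .htpasswd are
# included; the ".hta"-only pattern did not match them.
# Apache 2.4 uses "Require" (mod_authz_core); "Order/Deny/Satisfy" is the 2.2
# form and on 2.4 is available only through mod_access_compat.
<FilesMatch "(^\.[Hh][Tt]|\.[Hh][Tt][Aa])">
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Deny from all
        Satisfy all
    </IfModule>
</FilesMatch>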
# Disable TRACE requests: any request whose method starts with TRACE or TRACK
# is answered with 403 Forbidden ([F]) and nothing is rewritten ("-").
# TRACE echoes the request back to the client, which can expose request
# headers (cookies, credentials) to script running in the browser.
# "TraceEnable off" is the direct control for TRACE but is a server-level
# directive and cannot be set from .htaccess; this rule is the per-directory
# fallback.
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]