.htaccess files provide a way to make configurative changes on a per-directory basis. A file containing one or more configuration directives is placed in a particular document directory and the directives are applied to that directory and all sub-directories thereof.
1. make server signature off
How to test if your website has its server signature turned off: http://security.firewallmonitor.org
2. Set your htaccess file inaccessible to read
3. Set error redirects
4. Make directory listing turned off
5. Secure directories with passwords wherever possible
6. Prevent rogue IPs and domains from accessing your site
Source: https://www.minitek.gr/blog/the-9-most-important-security-settings-in-htaccess
https://www.koozai.com/blog/search-marketing/htaccess-file/