It could be more efficient with a few changes. The WP snippet should be the last one in your list. I tried altering that snippet once because it "shouldn't" require the

<IfModule..

envelope, but it does need to stay the way it is generated - for whatever reason.

The other sections should not need to repeat that

<IfModule

because

either you have it or you don't.
- lucy24

besides, the RewriteEngine on line only needs to be there once, before the first rewrite and with many Apache servers it is "on" by default. But it hurts nothing to have it once before your rewrites.

Another efficiency point is to remove the

[NC]

(no case) flag unless it is an expected format, because it adds work for the server without doing anything.

There is more, but my free time is gone for now. I'll check back later, but I know you'll get more help with this.

The WP snippet should be the last one in your list.

Likewise, the last couple of snippets (inc. "redirect www to non www domain") should appear first. Generally, external redirects should come before internal rewrites.

Penders & Not2easy, Thank you both for your input.

Can you please confirm the following makes more sense as one block?

<IfModule mod_rewrite.c>
# redirect www to non www domain
RewriteEngine on
RewriteCond %{HTTP_HOST} !^example\.com [NC]
RewriteRule ^/?(.*)$ http://example.com/$1 [R=301]

RewriteCond %{HTTP_REFERER} buttons-for-website\.com [OR]
RewriteCond %{HTTP_REFERER} semalt\.semalt\.com [OR]
RewriteCond %{HTTP_REFERER} make-money-online\.7makemoneyonline\.com
RewriteRule .* - [F,L]

# BEGIN WordPress
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

Thanks in advance,

Kind of, although as not2easy suggests, "it [WP snippet] does need to stay the way it is generated - for whatever reason" - I assume this includes the <IfModule envelope. (?)

Although I did say redirects should come first, your %{HTTP_REFERER} rewrites should perhaps come first since they are blocking site access. And for these you don't really want to issue a redirect.

Just a couple of points...

RewriteRule .* - [F,L]

Where you specify the F flag, you don't need the L flag as well - this is implied.

RewriteRule ^/?(.*)$ http://example.com/$1 [R=301]

If this is in .htaccess, which you say it is (as opposed to server config) then you can omit the /? from the pattern.

RewriteCond %{HTTP_HOST} !^example\.com [NC]

Perhaps personal preference, but I would specify this as "starts www", rather than "does not start with your domain". In other words:

RewriteCond %{HTTP_HOST} ^www\. [NC]

The "AIOWPS_BLOCK_SPAMBOTS" section is presumably not required?

Although I did say redirects should come first

I usually say it like this: list your rules in order of severity. That means: first all rules with [F] flag. Then [G] if any. Then external redirects (any form of [R]). Finally internal rewrites ([L] flag only). Post-finally: rules without [L] flag (these are rare).

One exception: If you have any rules with an [F] flag, these must be preceded by

RewriteRule ^forbidden\.html - [L]

replacing "forbidden.html" with the exact name and path of your custom 403 page. This is necessary to prevent infinite loops.

Perhaps personal preference, but

I'm going to disagree on this one. Domain name canonicalization should be expressed as a negative, so the rule says "If the requested host is anything other than my preferred form, then redirect". This covers you in case of weird requests with appended port number, as well as situations where you've got wild-card subdomains that you're not actually using. It also covers the rare but undesirable situation of some scraper or spammer pointing their DNS at your space, so the entire domain name is different.

Don't change anything inside the WordPress envelope-- the part that begins and ends with # comment lines. That means leave both halves of the <IfModule> envelope in place (even though it's silly, because WP will simply not work if you don't have mod_rewrite). Outside the WP section, you do not need to say anything about <IfModule.

Within your external redirects-- the ones with [R] flag-- the domain-name rule should be the very last one. If you have an index redirect-- you might not, if the whole site is WP-- that would go second-to-last. The principle here is: Within each group of rules ([F], [G] and so on) list rules from most specific to most general. The domain-name rule, for example, only kicks in when no earlier redirect or lockout has had effect.

RewriteCond %{HTTP_HOST} !^example\.com [NC]

i would be more specific and also allow for HTTP 1.0 user agents which won't necessarily provide a HOST header.

RewriteCond %{HTTP_HOST} !^(example\.com)?$ [NC]

oh, and welcome to WebmasterWorld, Mass501!