Common .HTACCESS Directives for WordPress
HTACCESS files are used in UNIX based web servers to provide information to the server in addition to the servers own configuration file. WordPress uses HTACCESS files for two reasons. The first is that the permalinks function in WordPress requires a standard set of entries in the site’s main HTACCESS file. Second, plugins will sometimes either have their own HTACCESS file in their main plugin directory or place a few lines in the sites main HTACCESS file. The presence of one or more HTACCESS files ARE NOT a bad thing but you should be aware of them and from time to time you DO want to look for what is called a malicious redirect.
Malicious redirects are permanent instructions to the web server that either redirect search engine robots or all traffic from your website to another website. Though permanent 301 redirects are used for legitimate purposes on websites, they are commonly slipped into a website for malicious purposes as well. The easy way to tell a malicious redirect is when the domain it redirects to is something clearly not associated with your blog or any plugin on your blog (e.g. an online pharmacy or site selling desktop software products).
If you are a plugin developer and use an HTACCESS file in your plugin, feel free to list it by submitting a comment with the actual contents and an explanation of what you are doing. I have also created a downloadable PDF with common HTACCESS entries on WordPress blogs and some examples of 301 redirects.