Is malware masquerading in your htaccess file?

I recently found this in an htaccess file of a WordPress site: I had never heard of iThemes Security, but the code looked like malware I’ve seen before. And since this site, according to the owner, never had the iThemes Security plugin installed, I was...