1st Test: https://www.woorank.com/

Improve: Meta description. Downloading Yoast

2.- Security

Test1: https://sitecheck.sucuri.net/results/ntalam.com = Medium Security Risk

Solving: Directory Listing.

Modify /etc/apache2/sites-available/xxxx.conf adding

....
</VirtualHost>
<Directory /var/www/html/example.com/public_html>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

Restart the server

sudo service apache2 restart

Fixing the headers for PHP wp

a2enmod headers

Now we have to modify the .conf file and add…
(notice the 443 port)

<VirtualHost *:443>
Header always append X-Frame-Options SAMEORIGIN
Header always set Strict-Transport-Security “max-age=31536000;”
Header set X-XSS-Protection "1; mode=block"
Header set X-Content-Type-Options nosniff
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
</VirtualHost>

Sources: https://www.linode.com/docs/web-servers/apache/how-to-set-up-htaccess-on-apache/
https://stackoverflow.com/questions/34554240/apache-edit-to-conf-file-produces-invalid-command-header
https://www.webarxsecurity.com/https-security-headers-wp/
https://www.xolphin.com/support/Apache_FAQ/Apache_-_Configuring_HTTP_Strict_Transport_Security