Friendly URLs are useful for visitors and search engines through logical navigation but a simple security benefit can also be achieved.
File extensions such as PHP or ASP at the end of a page url i.e. www.example.com/shop/products.asp is basically shouting out to hackers or bots farming for exploits, “hey you! look at me, my page is wrote in ASP, I must be running IIS”.
By hiding file extensions the URL would display www.example.com/shop/products
This is a simple first line defence all SEOs should take in to consideration by making it harder for any potential exploiters to identify information they don’t need to know whilst also benefiting search optimisation.
If for any reason you were to build a new site and the file extensions changed, there is a reduced chance of losing or spending time checking for broken back links and no need to worry about creating a load of last minute redirects.
Nothing is ever 100% secure but this little tip will certainly reduce the chances of a site being targeted.