When you have a website, you need to deal with and protect yourself from common attacks such as Cross-Site Scripting, Local File Inclusion and SQL Injection which all start with transmission of hostile commands via the HTTP Request. The challenge consists of separating legitimate requests from the hostile or malicious ones.

If the website is hosted on an Apache server, there is a powerful mechanism available to help mitigating attacks: the Apache .htaccess file. Properly configured, the .htaccess file on a server with mod_rewrite enabled can provide a robust defense against many HTTP Request attacks.

This is an in-depth article over many pages.