This post covers all the web security basics. This includes how to secure your website, plug holes, and avoid common website security threats.
Your primary goal in addressing web security should be covering your basic risks. You don't necessarily have to be at the cutting edge, the real goal here is not to be the "low hanging fruit". Here are a few tips that would help cover you no matter how your website or server is constructed.
How To Secure Your Website in a Few Easy Steps
Once The Web Security Basics Are Covered, Why Not Get Advanced?
It's important to keep in mind that every project has unique needs and your security should reflect that. If you're still uncomfortable with htaccess, there are usually plugins (on WordPress for example) that can cover your needs. That said, when dealing with an Apache server you should become familiar with Regex, htaccess, then hop into server level config files. While these are tricky skills to pick up, their value is truly immeasurable. Once you dig in you'll quickly come to the realization that these are the engines behind your website, so boosting power really needs to come from there.
Those are a few site security tips to keep in mind. If you have any other "must do" tips to secure your website, please leave them below. Be sure to take a quick look at the "htaccess" links below and familiarize yourself. Getting a solid grip on this one file can make your web developing life MUCH easier!