Step 1

If this code isn’t already in your .htaccess then go ahead and add it. If it is, skip to the next part.

RewriteEngine On
Options +Followsymlinks

Step 2

Then place this within your .htaccess at the root of your site.

# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ /home.php [F,L]

So basically this locks out any harmful queries that might be injected into your db. This is usually done through the URL so by using mod_rewrite and these restrictions, your making one SE safer at a time. Hope for the best and plan for the worst I guess. If anyone does know more about SE security bugs or stories please share.