Summary
We have taken a great step with two important tools: .htaccess and php.ini. Take time to review your settings and add appropriate hacks. Remember to test on a non-production server first and then back up your site and deploy. Don't reverse the order!
The following are a few important links that I have found very useful; hopefully they will save you the time of hunting them down:
http://shiflett.org: Chris is the author of Essential PHP Security, a must read.
http://perishablepress.com/press/2006/01/10/stupid-htaccess-tricks
http://articles.techrepublic.com.com/5100-22-5268948.html: This is a good article on php.ini.
http://phpsec.org/: An excellent site to learn and improve your knowledge about PHP security. This one should be bookmarked and read thoroughly.