The below website has some really cool tutorials and links on how to protect your site against attacks.
Video Series Part 1: Cross-Site Request Forgery (CSRF)
Attacks based on Cross-Site Request Forgery (also called CSRF) are a serious threat to every programmer who isn’t careful when it comes to protecting his websites. Don’t take this stuff lightly!
Video Series Part 2: Cross-Site Scripting (XSS)
XSS-based attacks are very powerful and dangerous. However it is very easy to protect against them if you know how.
Click here for the videos