Apache mod_rewrite Syntax and Usage
These are the commonly used mod_rewrite syntax and usages:
RewriteCond
Syntax: RewriteCond TestString CondPattern [flags]
TestString:
%{REQUEST_URI} : The resource requested in HTTP request line.
%{REQUEST_FILENAME} : The full local filesystem path.
CondPattern:
!-f : not a regular file
!-d : not a directory
flags:
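NC : no case (the match is case-insensitive)
OR : or next condition (combine with the next condition using OR instead of the implicit AND)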
RewriteRule
Syntax: RewriteRule Pattern Substitution [flags]
flags:
F : force URL to be forbidden (the server answers 403 Forbidden)
L : last rule (stop processing further rules)
Rewrite rules to block out some common exploits
If you experience problems on your site, block out the operations listed below. These rules attempt to block the most common types of exploit attempts:
# Block out any script trying to base64_encode crap to send via URL
# (the parentheses are escaped so they match a literal "(" and ")")
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
# Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL
# (the bracket is escaped so it matches a literal "[")
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|%[0-9A-Z]{0,2})
# Answer all blocked requests with 403 Forbidden ([F]); the index.php target is not served
RewriteRule ^(.*)$ index.php [F,L]
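To check what the rule set above blocks before deploying it, the following added example (not part of the original page and not Apache's own code) evaluates the four conditions in Python with the same NC and OR semantics. The names cond_matches, chain_matches and is_blocked and all sample query strings are constructed for illustration; the patterns are assumed to have their literal "(", ")" and "[" escaped.

```python
import re

# The four RewriteCond lines of the rule set, as (CondPattern, flags).
# Literal "(", ")" and "[" are backslash-escaped so the regex engine
# treats them as characters, not as grouping or a character class.
CONDITIONS = [
    (r"base64_encode.*\(.*\)", {"OR"}),
    (r"(<|%3C).*script.*(>|%3E)", {"NC", "OR"}),
    (r"GLOBALS(=|\[|%[0-9A-Z]{0,2})", {"OR"}),
    (r"_REQUEST(=|\[|%[0-9A-Z]{0,2})", set()),
]

def cond_matches(pattern, flags, test_string):
    """One RewriteCond: unanchored regex match, case-insensitive with NC."""
    return re.search(pattern, test_string, re.I if "NC" in flags else 0) is not None

def chain_matches(conditions, test_string):
    """Conditions are ANDed, except that [OR] joins one to the next."""
    i = 0
    while i < len(conditions):
        pattern, flags = conditions[i]
        hit = cond_matches(pattern, flags, test_string)
        if "OR" in flags:
            if hit:
                # Skip the remaining members of this OR group.
                while i < len(conditions) and "OR" in conditions[i][1]:
                    i += 1
        elif not hit:
            return False
        i += 1
    return True

def is_blocked(query_string):
    """True when the chain matches, i.e. the RewriteRule fires with [F]."""
    return chain_matches(CONDITIONS, query_string)

# Constructed sample query strings (no leading "?", not URL-decoded,
# which is why the rules list %3C and %3E next to < and >).
SAMPLES = [
    "option=com_content&id=5",          # ordinary request
    "q=%3CSCRIPT%3E",                   # matched only because of NC
    "GLOBALS[foo]=1",
    "a=1&_REQUEST=1",
    "x=base64_encode(abc)",
    "search=base64_encode",             # no parentheses: not matched
    "title=%3Cscript%3E+tag+tutorial",  # legitimate search, still blocked
]

if __name__ == "__main__":
    for qs in SAMPLES:
        print("403" if is_blocked(qs) else "pass", qs)
```

The last sample shows the cost of pattern-based blocking: a harmless search for "<script> tag tutorial" gets the same 403 as an injection attempt, so review the access log for such hits after enabling the rules.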