An endless number of methods or ways exists to access illegally a web server or a website. The task of defending a system (e.g. network, server, website, etc.) is complex and challenging. SNORT is one of the popular open source tools that can be used to detect and possibly prevent illegal access and attacks for networks and websites. However, this largely depends on the way SNORT rules are designed and implemented. In this paper, the authors investigated in details several examples of SNORT rules and how they can be tuned to improve websites protection. They demonstrated practical methods to design and implement those methods in such ways that can show to security personnel how effectively can SNORT rules be used.