Database security

There must be a lot of database security questions on this forum. I am a newbie and not sure how to find my way yet.
I need some tutorial or process to follow to secure my SQL Server databases against attacks. Are there such a shopping lists?
I am using a server side .dll to edit the databases with Http protocol.