I like Nginx a lot but apache isn't insecure by comparison. Nginx is possibly more secure out of the box with minimal configs but that's not a given either. You can do dumb things with either product.
"You should avoid using .htaccess files completely if you have access to httpd main server config file...Any directive that you can include in a .htaccess file is better set in a Directory block, as it will have the same effect with better performance."
