To set up your server behind a router, do the following:
>Set the IP of the server computer (don't use DHCP, which is listed in XP as "get an IP automatically")
>Once your server has a local static IP, go into your router config and forward the following:
80 (if it's running a web server)
20 and 21 (if it's running an FTP server)
22 (if you want to allow remote SSHing, not recommended)
25 (if it's running an SMTP daemon)
110 (if it's running a POP3 daemon)
DO NOT forward ports that don't need to be forwarded (i.e. don't forward 110 if the server isn't running a POP3 daemon)
As for keeping your server safe, close all other ports (I'm not sure how to do that, my router stealths everything automatically), and keep it updated, both Windows and Apache or whatever servers you are running.
A good way to find open ports is to port scan your server from another local computer (to find ports open on the actual computer), then run a ShieldsUP! test to find ports open to the internet.
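An added example, not part of the original post: a local check of your own server that compares the router's forwarding rules against the services actually running, using the port list above. The function names and the sample `running`/`forwarded` values are assumptions constructed for illustration; replace `127.0.0.1` with the server's static IP when running it from another LAN machine.

```python
import socket

# Services and ports as listed in the post above.
SERVICE_PORTS = {
    "web": [80],
    "ftp": [20, 21],
    "ssh": [22],
    "smtp": [25],
    "pop3": [110],
}
# FTP port 20 is the source port for active-mode data connections;
# nothing listens on it, so a scan never shows it open.
NON_LISTENING = {20}


def ports_to_forward(running_services):
    """Ports the router should forward for the services actually running."""
    return {p for s in running_services for p in SERVICE_PORTS[s]}


def probe(host, ports, timeout=0.5):
    """Return the subset of ports that accept a TCP connection on host."""
    open_ports = set()
    for port in sorted(ports):
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:
                open_ports.add(port)
    return open_ports


def audit(forwarded, open_ports, running_services):
    """Compare router forwards and scan results with the intended services."""
    wanted = ports_to_forward(running_services)
    return {
        # forwarded although no matching service runs: delete the rule
        "remove_forward": sorted(forwarded - wanted),
        # service runs but the router does not forward its port
        "missing_forward": sorted(wanted - forwarded),
        # rule is intended, but nothing answered on the server
        "dead_forward": sorted((forwarded & wanted) - open_ports - NON_LISTENING),
        # listening on the server without being on the intended list
        "unexpected_open": sorted(open_ports - wanted),
    }


if __name__ == "__main__":
    running = ["web"]        # constructed: services this server runs
    forwarded = {80, 110}    # constructed: rules currently set in the router
    print(audit(forwarded, probe("127.0.0.1", range(1, 1025)), running))
```

Ports reported under `unexpected_open` are reachable only from the LAN unless they are also forwarded; the internet-side test mentioned above covers what the router exposes.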