What is purpose or use of .htaccess file?

File_HtAccess provides common methods to create and manipulate Apache / NCSA style .htaccess files. These files together with accompanying password files are used to protect webserver directories. Since File_HtAccess does not provide any means to manipulate or create password files you should use it together with File_Passwd.

  Besides the .htaccess file in the Drupal site main folder, I've found a .htaccess file in the sites\default\files folder, and further such files some sub-folders of sites\default\files folder (for example, in sites\default\files\private).

  The first .htaccess file in the root directory is for routing and to override any PHP related settings.
  The second .htaccess file under sites/default/files is for security purpose, to avoid any file injection. This folder is Drupal's main upload folder.
  The upload folder can be moved in different places, or in a multi site setup you could have more than one folder. That is why they provided a separate .htaccess instead of putting everything in one place.

  .htaccess is an apache directives file. .htaccess (Hypertext Access) is the default name of Apache's directory-level configuration file. It provides the ability to customize configuration directives defined in the main configuration file. Without your Drupal using this file, you may notice some irregularities. These irregularities will depend on what your host has in their .htaccess since you aren't allowed to use your own.