What you could do is redirect a person based on the page he visits. A lot of frameworks have build-in route validation for that. Take for example: http://symfony.com/doc/master/book/routing.html
If a route does not match, it will display the framework's 404 page. You can't really send them to that page based on user input, what you rather have is (in case of forms) validate and display an error if it goes wrong. Symfony2 (in this case) also provides CSRF tokens to prevent XSS for example. http://symfony.com/doc/current/book/forms.html
This is pretty much all programming you need to do to secure your website and validate the user input. NEVER trust what the user sends to you, that includes $_SERVER variables ;)