At the beginning of ethereum, replay attacks were big problems, but, what's that and how to fix them ?
The attack : picking a transaction, and broadcasting it on another blockchain
For making a replay attack, an account should have balance on both blockchains (for example, ETH and ETC), or common unspent outputs on both (on bch and bcha for example).
It allows a transaction on 1st blockchain to be validated on 2nd one.
For example, if Bob sends 1 BCH to Alice, and didn't split BCHA, alice is able to broadcast BCH txn on BCHA chain and steal 1 BCHA !
Solutions
Ethereum's solution : ChainID system
On ethereum, we should enter a chain id for proving we're on the correct chain. For example, ethereum mainnet's ID is 1, ropsten testnet has ID 3 (full list on chainid.network, that provides chainids of various EVM networks)
So, if a txn's chainid parameter is 3, it prevents it from being broadcasted on other chains than ropsten testnet.
ChainId setting in metamask (for custom rpc) :

It's why putting a chain ID is mandatory on custom rpcs
Bitcoin's solution : UTXOs
On bitcoin, your coins are stored in unspent outputs. In a bitcoin transaction, there's inputs and outputs. Outputs are unspent until there aren't used as input of another transaction.
So, if you doesn't want your forked coins to be stolen by replay attack, you should split them. For splitting coins, you should only send them to yourself on both chains, so previous utxos will be spent, and another (not on other chain) will be generated.
If you didn't have balance before the fork, replay attack is impossible because of funds are already splitted !