With the plethora of powerful open source applications available, the great premium on rapid development and deployment of sites, and the ever present threat of malicious server attacks, security is extremely important.
mod_security is an open source Apache firewall that places outstanding protection on the server, before site visitors ever get to the applications.
In addition to its power, it is easy to use. I installed it on XAMPP, configured it very lightly, and ran the two quick tests to ensure it was set up correctly. http://localhost/cmd.exe was blocked, as was an SQL injection attempt on the application.
mod_security operates with rules that allow you to customize it to run well with your server. There is a robust set of core rules. It has great logging capabilities.
To download it, you will need to register. It’s worth it, especially if you are running your own servers, with many applications, from many sources.