Apache Web Server Security Configuration
If you are thinking of moving to a self managed service one of the really important things is that you think heavily about security, especially of anything exposed to the web.
If you have apache running then it’s crucial to have something that is sniffing your incoming requests and knocking anything that doesn’t look right on the head.
Mod Security: http://www.modsecurity.org/
Some patterns for Mod Security to use: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project
Listing Currently Install DSO (Dynamic Shared Objects)
apachectl -t -D DUMP_MODULES
The purpose the above command is to allow you to identify and weed out any modules that are not absolutely required for your particular web applications to run.
Getting some process separation using SUEXEC (SLOW)
You may need this so that you can further enforce the separation between web sites by having them served as different users.
A Better Way Using fcgid