Security How-To's and Guides

PHP Security

PHP is, unfortunately, very insecure by default. There are many ways to make it more secure for a shared hosting environment, such as running modules like mod_security. Another way is to disable the functions that many of these exploits call. This can be done by simply editing php.ini and restarting Apache. You should not have any trouble with the disabled functions, but if web pages do start to have problems you can always add the function back. Most of the time you will get an error on the web page that tells you exactly which function is causing the problem.

Updated August 9th to include even more PHP functions to disable.

Misc Scripts

This page has a list of various scripts as well as information to further help secure your server. Many of them are from rfxnetworks, who does a great job with his scripts, all of which are released freely for anybody to use. They will all greatly help make your server more secure and run better. That being said, make sure to look at all of the emails coming in from the scripts, because they may identify problems or possible intrusions.

Mod_Security installation and usage guide

This guide shows you how to install and configure mod_security, which helps protect your server from exploits that are passed through Apache. Mod_security does this by inspecting the requests sent to Apache and filtering out all of the "bad" ones, as determined by the set of rules specified in httpd.conf. The ruleset that I use in this guide will block most of the common exploits, including the nosanity phpBB worms. It should also block most of the other common methods of hacking a server that are passed through PHP.

Updated July 11th with the latest version, enjoy!
