12-14-2009, 06:41 PM   #6
delayedinsanity

Quote:
Originally Posted by adamdecaf
You're right, it's not. Some people just like to lock down everything they can, others don't.
I was hoping it would quote both responses, but eh.

I'm in agreement with Adam on this one; you should lock that stuff down. Many of those popular web sites have major IT teams with people who specialize in security to take care of business. Smaller web sites should do what they can to remove themselves from being a target, and when it comes to Apache this means at the very least you should have the following:

bash Code:
ServerSignature Off
ServerTokens Prod
TraceEnable Off

You should always put more effort into making sure your iptables configuration is on lockdown, but these three simple settings in Apache can frighten even the loneliest of script kiddies.
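A way to check an existing configuration for the three directives named in the post above, as an added example that is not part of the original post. The function name `audit` and the sample config are constructed for illustration; the fallback values are Apache httpd's documented defaults for when a directive is absent.

```python
"""Audit Apache config text for the three directives named in the post."""

# Values the post recommends (ProductOnly is the long form of Prod).
HARDENED = {
    "serversignature": {"off"},
    "servertokens": {"prod", "productonly"},
    "traceenable": {"off"},
}
# What Apache httpd uses when the directive is absent.
DEFAULTS = {"serversignature": "off", "servertokens": "full", "traceenable": "on"}

def audit(conf_text):
    """Return (line_no, directive, value, reason) for every weak setting.

    Any weak occurrence is reported, including ones nested in <VirtualHost>
    blocks; line_no 0 means the directive is unset and its default is weak.
    Include/IncludeOptional files are not followed.
    """
    findings, seen = [], set()
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        parts = raw.strip().split()
        # Skip blanks, comments and anything that is not one of our directives.
        if not parts or parts[0].startswith("#") or parts[0].lower() not in HARDENED:
            continue
        name = parts[0].lower()
        value = parts[1].strip("\"'").lower() if len(parts) > 1 else ""
        seen.add(name)
        if value not in HARDENED[name]:
            findings.append((line_no, name, value, "weak value"))
    for name, default in DEFAULTS.items():
        if name not in seen and default not in HARDENED[name]:
            findings.append((0, name, default, "unset, weak default applies"))
    return findings

# Constructed sample config (not from the post).
SAMPLE = """\
ServerTokens OS
ServerSignature Off
<VirtualHost *:80>
    ServerName example.test
    serversignature EMail
</VirtualHost>
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

An empty result means every occurrence matches the post's settings; a file that only sets `ServerSignature Off` still yields two findings, because the `ServerTokens` and `TraceEnable` defaults are the verbose ones.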