httpd 2.2 security recommendations
At my work place we are soon going to start accept orders using e-com and credit cards. We run ngnix server (public IP) for static files and dynamic stuff is handled by Apache and fastcgi+php5. I'm already running ngnix in jail using chroot and apache from freebsd jail (private IP). MySQL is also running from another Linux server. I've also installed and configured mod_security2. What else is required on server level to secure it further apart from pf?
Neither in this world nor elsewhere is there any happiness in store for him who always doubts. If you enjoyed my answer please consider donating some money to FreeBSD foundation @ http://www.freebsdfoundation.org/