Comment Re:Web Application Firewall (Score 1) 333
Mod_security is great. I recommend checking out Atomic Secured Linux, which is a product comprising a hardened Linux kernel with trusted path execution, PaX and grsecurity, ClamAV, mod_security, mod_evasive, OSSEC, rkhunter and SSH hardening, and which comes with continuously updated custom rulesets for its components. It can do geoblocking and active response based on security events, and comes with a web interface for management. No, I don't work for them, I'm just a happy customer.
https://www.atomicorp.com/products.html
Now, of course, having good system-level security doesn't mean it's not important to keep security in mind when building a web application, but the additional layers of security definitely help.