Me personally, i'd lock down everything as much as possible, try and perform an audit of your systems.
what ports/services are open to the net? Do we need this to be open etc?
Do you have any sort of hardware firewall?
I'd also consider, depending on your hardware running the webserver in a separate dmz.
Bookmarks