I'm fairly thrifty when it comes to electronics, so I've been getting by with using a decent-spec (2.4GHz Intel Dual Core w/ 2GB RAM) tower running Ubuntu Server 12.04 as my multi-purpose home server. Right now, its main duties consist of hosting a handful of low traffic websites (2 WordPress and 1 PHP-driven specialized site. Collectively, they never get more than 120 views per day), BitTorrent box, and general-purpose file server. I'm thinking about eventually adding backup server and media server to that list. It's been chugging along quite nicely with those jobs for quite a few months, and I've yet to have any major problems. But lately I've been thinking about security, and I've figured that there may be some security risks when it comes to hosting multiple servers on a single system, especially when the files contained on that server are rather private (family photos, documents, etc).
So my question to you today is: It it a good strategy to rebuild the server from scratch, separating the software into Xen-based virtual servers?
I would probably end up giving Apache and any other WAN-facing software its own virtual server (and I'm thinking about installing an Ethernet card that would give that virtual server its own port), and then making another virtual server for LAN backup, media server, etc. My security reasoning behind this is simple isolation: if the hacker gets into the virtual server running Apache, then he's isolated from the rest of the servers and the rest of my LAN. Plus, I can experiment with any other services I want to use in the future without having to worry about messing up the rest of the system.
I've played around with Linux and servers for a while now, but I've yet to deal with virtualization like Xen or OpenVZ. I feel like the virtual isolation (combined with firewalling and other good security practices) should keep me relatively solid. And my processor does support hardware virtualization, so I'm guessing the performance hit shouldn't be too bad. If you have any suggestions as to a better way to go about this (virtualization or otherwise), I would sincerely appreciate them.