For those hosting their own domains and managing their Web Servers, security is always a concern. Most Firewalls will only close/open TCP/IP and UDP ports, so there won't be any web traffic check made at that level, since http port 80 has only 2 status, either open or closed. So the next step will be getting some level of protection that analyses your incoming http traffic and checks if that request is valid or malicious. That's were ModSecurity comes in, mod_security is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports both branches of the Apache web server.You can’t be protected against every attack, but at least will give a higher level of confidence regarding certain types of attacks.
You can get it from http://www.modsecurity.org. ModSecurity by itself does not know what's malicious or not, so make sure you install the core-rules after installing the mod_security since those rule's configuration files will have the definitions of the most common attacks.