Hey all,
I have always written code for Win32-based servers; however, at my office, I have been tasked with ensuring more secure controls over our internal web servers, and as such, I think going with a *NIX solution is the best option, so here's what I've done.

*Note - This was all installed on an i386 Desktop system.

1) Installed Debian Linux v 3.1rs Sarge2 (as a Desktop and Web Server)
2) Installed the Gnome GUI (for desktop access)
3) Installed Linux Debianweb 2.4.27-2-386 (Apache 2.0.5.4 Handler) (Default stable package installation)
4) Installed PHP4.3.10-16 (Default stable package installation)
5) Installed phpMyAdmin 2.6.2-Debiansarge1 (Default stable package installation)
6) Installed MySQL 4.1.11-Debian_4sarge5 (Default stable package installation)

Everything appears to be working fine, as PHP pages are displayed fine, and I can run queries on the MySQL via PHP.

During installation, I noticed my Apache's httpd.conf file was virtually blank, and there were some directives I had to add in to make things work, specifically things like the DocumentRoot, ServerRoot, <Directory />, etc...

Please bear in mind that I am not a NIX administrator, and aside from some minimal administrative functions I perform on my AIX billing system, I know very very little about the NIX operating system.

My questions are as follows:
1) What steps can I take to shore up the security of the web server, and how can I ensure its security?
2) Am I fine at the version levels I am at, or would you recommend upgrading anything?
3) Is there some sort of Linux Remote Control application out there that I can run from a Windows XP machine (like Terminal Services) so I can access the GUI remotely?

(That's good for now. Feel free to ask me anything regarding the install if you want more info)

    Rather broad-ranging questions for this place, I think.

    The best advice I can give you is

    1) subscribe to the Debian Security Bulletin

    2) subscribe to other quality web-security mailing lists at Apache and the like and apply all fixes as soon as they are announced

    3) have a look at mod_security, and browse around the rest of that forum for other security tips

    4) join the Debian and Apache user groups and forums and ask for advice from the experts there

    Personally, when securing a public web-server I'd block all remote access so I've no idea what remote tools exist. It means that you have to physically log in at the server keyboard - but I don't know of any other way to stop hackers and exploits except by stopping EVERYONE from logging in remotely.
