Tuning VirtualHosts for Security

[artomason]

Greetings everyone,

I'm running a Ubuntu 8.04 LAMP Server and I have set everything up to correctly run VirtualHosts. However, I'm having troubles understanding much of the directives and how they pertain to my virtualhost for example.

Order Deny,Allow

While I want to maintain the best security I can, I also want to make sure I'm not short changing any of my VirtualHosts, and preventing them from using my server cause they are unable to run even basic scripts. With that said, what are the MUST HAVE directives security wise and why? Are there any other directives I may want to concider.

Unfortunatly I do not have a sample VirtualHost to share with everyone sense I'm currently deployed over seas.

Any input would be greatly appreciated.

Thanks