One of the principal goals of good security management is to prevent the disclosure of privileged information. Running a WWW service implies providing information, quickly and in volume. These two ideas pose a serious conflict, especially given how recently these services and software have appeared and how rapidly they are evolving. We have no way of anticipating all the failure modes and problems these services may bring.
We strongly recommend that you consider running an WWW service on a stripped-down machine that has been especially designated for that purpose. Put the machine outside your firewall, and let the world have access to it ... and only to it.