SecurityCRunch is dedicated to the IT Security Industry. Questions - Send an email to : greg@securitycrunch.com

Does anyone have advice on locking down a PHP server?


1 Answer


Securing a PHP server or any server is the same for the most part. As I posted in another question:

There are some best practices to securing a server, 
here are a few of the important steps:

1: Disable the default Administrator and Guest accounts.
2: Disable all unnecessary services.
3: Make sure you use complex passwords for every enabled account.
4: Block any incoming traffic through your firewall to any ports 
other than those in use such as port 80 for HTTP.
5: Keep your system updated with the latest patches and security 
updates from your software providers.

Following the above 5 steps is the most important! 
You should also set up security audits and logs that 
can be reviewed regularly to find out any attempts 
to breach the security of your server and take 
necessary action to prevent unauthorized access.

As for your PHP code, make sure it's clean and any user input is validated. Don't forget that malicious users can inject code through the address bar; try to avoid using $_GET variables and ensure that all data is validated before it is processed, especially when using it in conjunction with a database like SQL. Also, don't forget to take precautions to protect your server from functions such as 'unlink'; one can delete entire volumes of data with such a simple function.

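An added illustration of the answer's last two points (validate input before it reaches the database, and guard `unlink`); it is not part of the original answer. It assumes the pdo_sqlite extension is available, and the `uploads` table, the function names and the sample values are constructed for the example, with the `$query` array standing in for `$_GET`.

```php
<?php
declare(strict_types=1);

// Accept only a positive integer id from the query string; null means reject.
function validated_id(array $query): ?int
{
    $id = filter_var($query['id'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Look up the stored file name with a prepared statement, so the value is
// bound as data and never concatenated into the SQL text.
function file_for_id(PDO $db, int $id): ?string
{
    $stmt = $db->prepare('SELECT name FROM uploads WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $name = $stmt->fetchColumn();
    return $name === false ? null : (string) $name;
}

// Delete only regular files that resolve inside $baseDir. realpath() collapses
// "../" segments and symlinks before the directory-prefix check is made.
function delete_upload(string $baseDir, string $name): bool
{
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $path === false) return false;
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) return false;
    return is_file($path) && unlink($path);
}

// Constructed demo data: a temporary directory and an in-memory SQLite table.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'uploads_demo_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'report.txt', 'demo');
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE uploads (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO uploads VALUES (1, 'report.txt'), (2, '../../etc/passwd')");

foreach (['1', '2', '1 OR 1=1', '../x'] as $raw) {   // constructed query-string values
    $id = validated_id(['id' => $raw]);
    $name = $id === null ? null : file_for_id($db, $id);
    $ok = $name !== null && delete_upload($dir, $name);
    printf("%-10s => %s\n", $raw, $id === null ? 'rejected' : ($ok ? 'deleted' : 'refused'));
}
rmdir($dir);
```

Functions such as `unlink` can also be switched off for the whole interpreter with the `disable_functions` directive in php.ini when the application never needs them.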
