Apache ? Make sure you stay up to date..
SSH ? Disable root login, use sudo, restrict ssh to certain source IP's or change the SSH port. Also use ssh keys and disable password based auth
PHP ? Use proper variable regex checks to make sure injection based exploitation of PHP is not possible.
Beyond this consult a PHP security expert to dig into your code and/or use mod_security.
The best way to harden your server is to have CFS installed and have it run a server check. There it will tell you where each vulnerability is and even guides you on how to secure it. You would be able to do most of it on your own.
__________________ █ JixHost, Inc. | Corporation in good standing for 5+ years. | Powerful CloudLinux servers.
█ JixHost.com | Instant Activation | Trusted by over 65,000 clients served globally.
█ Alpha Reseller | Master Reseller | Reseller | cPanel shared.
█ 24/7/365 Help desk support | Recurring Affiliate Program available.