There are a tremendous number of things you can do today to make your site more secure, while preserving compatibility with all but the oldest web clients (I’m looking at you, Java 6 and Internet Explorer 6). If you haven’t been keeping up with the state of the art, this includes things like (cue Benny Hill music):
Web site security checklists
1