I think that apache and mod_python are good enough, but I'm not an expert. but I think that the security aspect for a large part depends on how secure your code is. You can have a very secure server setting, but somewhere a bug in your code that makes it insecure.