Preventing vulnerabilities

The following are countermeasures that can be used to prevent web server and web application attacks and remediate such vulnerabilities:

  • Apply the latest (stable) patches and updates to the operating system and web applications.
  • Disable any unnecessary services and protocols on web servers.
  • Use secure protocols, such as those that support data encryption, wherever possible.
  • If using insecure protocols, implement security controls to ensure that they are not exploited.
  • Disable WebDAV if it's not being used by a web application.
  • Remove all unused modules and applications.
  • Disable all unused default accounts.
  • Change default passwords.
  • Implement security policies to prevent brute force attacks, such as lockout policies for failed login attempts.
  • Disable the serving of directory listings.
  • Monitor and check logs for any suspicious activity.
  • Implement digital certificates from trusted Certificate Authorities (CAs) and ensure that digital certificates are always up to date.
  • Ensure data input validation and sanitization is implemented and tested regularly.
  • Implement a Web Application Firewall (WAF).

These items are only a summary of preventative measures that an IT professional can adopt; additional research will be required, since new and more sophisticated threats and attacks are developed each day.
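Several of the items above (directory listings, WebDAV, insecure protocols) can be checked automatically. The following is an added example, not code from the original text: it assumes an Apache httpd style configuration, and the function name `audit_httpd_config` and the sample configuration are constructed for illustration.

```python
# Protocol versions treated as insecure by this check.
LEGACY = {"sslv3", "tlsv1", "tlsv1.1"}

# Constructed sample configuration, not taken from any real server.
SAMPLE = """\
# constructed sample
LoadModule ssl_module modules/mod_ssl.so
SSLProtocol all -SSLv3
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    Dav On
</Directory>
<Directory "/var/www/app">
    Options -Indexes +FollowSymLinks
</Directory>
"""


def audit_httpd_config(text):
    """Return (line_number, finding) tuples for directives the checklist warns about."""
    findings = []
    for num, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):  # skip blank and comment lines
            continue
        parts = line.split()
        directive, args = parts[0].lower(), [a.lower() for a in parts[1:]]
        if directive == "options":
            # "Indexes", "+Indexes" and "All" turn listings on; "-Indexes" turns them off.
            if any(a.lstrip("+") in ("indexes", "all") for a in args):
                findings.append((num, "directory listing enabled"))
        elif directive == "dav":
            # "Dav On" or a provider name enables WebDAV for that scope.
            if args and args[0] != "off":
                findings.append((num, "WebDAV enabled"))
        elif directive == "sslprotocol":
            enabled = set()
            for a in args:
                name = a.lstrip("+-")
                if name == "all":
                    # Assumption: "all" is treated conservatively as enabling
                    # every legacy version unless it is removed explicitly.
                    enabled = set() if a.startswith("-") else set(LEGACY)
                elif a.startswith("-"):
                    enabled.discard(name)
                else:
                    enabled.add(name)
            weak = sorted(enabled & LEGACY)
            if weak:
                findings.append((num, "legacy protocol allowed: " + ", ".join(weak)))
    return findings
```

Run against the sample, the function reports the legacy TLS versions left enabled on line 3, the directory listing on line 5 and WebDAV on line 6, and reports nothing for the hardened `/var/www/app` block.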
