I used to work as a federal contractor for the US Military in 1996-1997 and they replaced their Windows Web Servers with Macintosh ones because the Mac had better security.
I used to run a Windows 2000 Pro web server, after lack of security I switched to Linux.
Microsoft may be popular, but they have big holes in their security. Always has been.
No, that is not worth mentioning because that problem had nothing whatsoever to do with the operating system.
What happened was that someone entered a 0 on a data entry form in a field that was not supposed to be 0. That form was submitted to an application on a server, which used it as a divisor and got a divide by zero exception.
That application did not handle divide by zero exceptions and so was terminated by the OS.
With the server application no longer running terminals around the ship that relied on that application were no longer useful.
That's not as crazy as it sounds, because the problem they were trying to address was website security against threats from the internet.
As long as the underlying OS is secure enough that attackers can't get in via something like a buffer overflow in the TCP code, website security is almost entirely a matter of web server application security.
A well written web server application on Classic Mac OS then could be more secure than a less well written web server application on a more secure operating system such as NT.
There is a book on Linux Hardening that helps secure Linux.
Win 2K Pro is limited to 10 connections. In 2002 I worked for a surgical tool company with sterilizing software for 300 clients and they tried to do it on Win 2K Pro, so I switched them to Server with SQL Server 2000 instead of Excel.
I used to run a Windows 2000 Pro web server, after lack of security I switched to Linux.
Microsoft may be popular, but they have big holes in their security. Always has been.