It would be inadvisable to put WITM on a public access web server unless password protected. Otherwise it would be trivial for a potential hacker to compromise your system. As an example, consider what would happen if the Evaluate button was pressed with the command below entered.
That would on most UNIX operating systems delete every single file that the owner of the web server (typically 'nobody') has write access to. Although it would be relatively easy to prevent commands such as Run being executed, it would be hard to secure a system against a dedicated hacker, unless some precautions are taken. Using the Zones or Containers in Solaris 10 one could build a virtual machine, which should be safe, but a dedicated nuisance could still cause you problems in that zone. So WITM must be password protected, and only those trusted and competent people given a password. (Also, there are restrictions on the Mathematica license which would probably prevent you putting this on a public web server.)