I would suggest, for those sites that can be entirely built using appropriate licenses (zero cost, transferrable, virtualizable), that this would be an ideal case for virtual appliances. Load on your virtual server, turn on, and see how insecure they can be.

Otherwise, the ideal would be scripts that would allow one to easily set up said sites on one's own computers.

I'm afraid that publically available sites like this would be useful, except that any where the site can be brought down completely likely would be. For such publically available sites, either a read-only virtual image (restart to get back to initial state), or the older "boot CD without any hard drive" method may be appropriate.