Linode Forum
Linode Community Forums
PostPosted: Thu Mar 04, 2010 1:18 pm 
Senior Newbie

Joined: Tue Mar 02, 2010 10:54 pm
Posts: 5
Hello!
I am not a sysadmin and I've been googling without success for this info.

Basically, I'd like to host my different websites with Apache, and keep it as secure as it can be, such that no website with a security flaw could view or write into another client's website. If helpful, I am the sole owner of the server; no website owner will have access to it (no SSH/FTP for them).

I always thought that the best way to do this was to have one Apache instance running as the user to whom the website belongs, but I don't see how to do this besides having the apache user being a member of the group of every user. By doing so, if a website is compromised, then a cracker could have access to every website since the user Apache is running under is a member of the users' groups.

I'd like to keep it low on memory since I am on a linode 360, so I guess running multiple Apache instances is out of question.

Is there a tutorial explaining step by step how to do so?

Thanks a lot!
Frank


PostPosted: Thu Mar 04, 2010 2:14 pm 
Senior Member

Joined: Fri May 02, 2008 8:44 pm
Posts: 1121
In order to run multiple Apache instances, you'd most likely need multiple IPs (because only one process can listen on port 80). You could run them on different ports and put a reverse proxy in front of all those per-user Apache processes, but that's quite a hassle.

Alternatively, you could run one global Apache (or lighttpd, or nginx...) instance which would only have read access to the static files. Then, you can run one PHP-FastCGI (or Rails, or Django...) process per website to handle the dynamic parts. Such a process would run as the owner of the respective website. Apache would communicate with those backends using something like mod_fcgid, mod_proxy, mod_wsgi, passenger, etc. That would be my preferred way of running multiple websites on one server.


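The design in the post above (one global Apache that only ever reads static files, plus one FastCGI process tree per site running as that site's own account, wired together with mod_fcgid and suexec) as a provisioning script. This is an added example, not code from the thread or from Linode: the layout under /var/www, the site account name, the www-data Apache user, the php-wrapper name and the add_site/layout/write_wrapper/write_vhost functions are all assumptions made here. It assumes Apache 2.2 with mod_fcgid and suexec installed, with suexec's compiled-in document root (shown by `suexec -V` as AP_DOC_ROOT) being /var/www; a PREFIX variable redirects all writes into a scratch directory so the layout can be tried without root.

```shell
#!/bin/sh
# add_site.sh: lay out one site for the "one global Apache, one FastCGI
# process tree per site" design. Added illustration, not code from the
# thread. Hypothetical assumptions:
#   - Apache 2.2 with mod_fcgid and suexec; suexec's compiled-in document
#     root (`suexec -V`, AP_DOC_ROOT) is /var/www. Every wrapper must live
#     below it, be owned by the target user and not be group/world
#     writable, or suexec refuses to run it.
#   - Apache runs as www-data and is a member of no site's group.
#   - PREFIX (empty in production) redirects all writes into a scratch
#     directory so the layout can be tested without root.
set -eu

PHP_CGI="${PHP_CGI:-/usr/bin/php-cgi}"

# Where the site really lives (what Apache and the wrapper see).
real_base() { echo "/var/www/$1"; }
# Where this script writes it (same path unless PREFIX is set for a dry run).
fs_base()   { echo "${PREFIX:-}/var/www/$1"; }

# One unprivileged account per site; created only when running as root.
# (/usr/sbin/nologin is the Debian path; adjust for other distributions.)
ensure_user() {
    user="$1"; site="$2"
    if [ "$(id -u)" -eq 0 ] && ! id "$user" >/dev/null 2>&1; then
        useradd -r -d "$(real_base "$site")" -s /usr/sbin/nologin "$user"
    fi
}

# htdocs/ and bin/ are world-traversable so Apache can stat files and
# suexec can reach the wrapper; private/ (php.ini, DB credentials, sessions)
# and tmp/ are reachable by the site account only.
layout() {
    site="$1"; user="$2"; base="$(fs_base "$site")"
    mkdir -p "$base/htdocs" "$base/bin" "$base/private" "$base/tmp"
    chmod 755 "$base" "$base/htdocs" "$base/bin"
    chmod 700 "$base/private" "$base/tmp"
    if [ "$(id -u)" -eq 0 ]; then chown -R "$user:$user" "$base"; fi
    echo "$base"
}

# The wrapper suexec executes as the site user to start php-cgi. Mode 755,
# never group/world writable (suexec checks), owned by the site user.
write_wrapper() {
    site="$1"; real="$(real_base "$site")"; w="$(fs_base "$site")/bin/php-wrapper"
    cat >"$w" <<EOF
#!/bin/sh
# Per-site php.ini lives in private/, so session.save_path etc. are per site.
PHPRC=$real/private
export PHPRC
# mod_fcgid manages the process pool; do not let php-cgi fork its own children.
PHP_FCGI_CHILDREN=0
PHP_FCGI_MAX_REQUESTS=1000
export PHP_FCGI_CHILDREN PHP_FCGI_MAX_REQUESTS
exec $PHP_CGI
EOF
    chmod 755 "$w"
    echo "$w"
}

# Virtual host fragment: copy it to /etc/apache2/sites-available/ and enable.
# Only htdocs/ is the DocumentRoot, so private/ and bin/ are never served.
write_vhost() {
    site="$1"; user="$2"; real="$(real_base "$site")"; f="$(fs_base "$site")/$site.conf"
    cat >"$f" <<EOF
<VirtualHost *:80>
    ServerName $site
    DocumentRoot $real/htdocs
    # Run this site's PHP FastCGI processes as its own account.
    SuexecUserGroup $user $user
    <Directory $real/htdocs>
        Options -Indexes +ExecCGI
        AllowOverride None
        Order allow,deny
        Allow from all
        AddHandler fcgid-script .php
        FcgidWrapper $real/bin/php-wrapper .php
    </Directory>
</VirtualHost>
EOF
    echo "$f"
}

# Returns (prints) the path of the generated vhost fragment.
add_site() {
    site="$1"; user="$2"
    ensure_user "$user" "$site"
    layout "$site" "$user" >/dev/null
    write_wrapper "$site" >/dev/null
    write_vhost "$site" "$user"
}

# usage: add_site.sh example.org example
if [ "$#" -eq 2 ]; then add_site "$1" "$2"; fi
```

Two things worth checking after running it: `suexec -V` must report an AP_DOC_ROOT that contains /var/www, otherwise suexec will log "command not in docroot" and every PHP request fails; and the mod_fcgid setting FcgidMaxRequestsPerProcess should equal the PHP_FCGI_MAX_REQUESTS value in the wrapper, so that mod_fcgid never hands a request to a php-cgi that is about to exit.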
PostPosted: Thu Mar 04, 2010 2:18 pm 
Senior Newbie

Joined: Tue Mar 02, 2010 10:54 pm
Posts: 5
I like your alternative solution ;)

What should I google for in order to configure my httpd to run different processes for each website? Do I need to give the apache user special permissions to have it run processes as another user?

PostPosted: Thu Mar 04, 2010 5:45 pm 
Senior Member

Joined: Fri May 02, 2008 8:44 pm
Posts: 1121
Apache + PHP + fcgid + suexec

Google: http://www.google.com/search?hl=en&q=ap ... gid+suexec
This Forum: http://www.linode.com/forums/viewtopic.php?t=2982

The usual approach involves per-user "wrapper scripts" which are used to start the respective FastCGI processes. This allows Apache to manage all the processes.

An alternative approach would be to manage the FastCGI processes yourself, using something like PHP-FPM or spawn-fcgi. Apache only needs to know about the IP and port of the appropriate FastCGI processes. That way, you have more control over each process. There doesn't seem to be a whole lot of documentation covering this method, though, because this method is usually associated with lighttpd/nginx.

One thing to remember is to get the permissions perfectly right, otherwise you gain no security. Static files and directories should be 644/755. Files and directories only visible to the FastCGI process had better be 600/700 (or 640/750). Don't rely on safe_mode or open_basedir to protect you. It seems that every new release of PHP 5.2.x these days is busy patching up newly discovered holes in open_basedir LOL


PostPosted: Fri Mar 05, 2010 12:24 pm 
Senior Newbie

Joined: Tue Mar 02, 2010 10:54 pm
Posts: 5
I think this is everything I needed to know and I now have a much clearer idea of how to proceed.

Thanks a lot!

PostPosted: Sat Mar 06, 2010 3:14 am 
Senior Member

Joined: Sun Jan 18, 2009 2:41 pm
Posts: 830
MPM-itk might be another option (haven't used it myself).
