One of my problem is to secure a little websites at least to run as their user and not as apache . In this way if one wordpress is hacked not all website to be modify by that script .
On internet you will find something like this
<IfModule mod_fcgid.c>
MaxRequestLen 15728640
FcgidConnectTimeout 20
SuexecUserGroup username groupname
<Directory /var/www/vhosts/site.com>
Options +ExecCGI
AllowOverride All
AddHandler fcgid-script .php
FCGIWrapper /var/www/wraper/site.com/php-fcgi-starter .php
Order allow,deny
Allow from all
</Directory>
</IfModule>
All is fine in some situation works . However I notice that if you have the php 5.6 installed this won’t work . I try all loglevel debug and other stuff but it simply didn’t start that wraper with that user in process list.
After some more dig I found out that /etc/httpd/conf.d/php.conf is different then on other php version and in this 5.6 that file have a SetHandler .
So the solution is to overwrite again that SetHandler
So in your vhost before add this IfModule you need to add also
<FilesMatch \.php$>
SetHandler None
</FilesMatch>
