On 30 September 2011 02:22, Trey Dockendorf <treydock at gmail.com> wrote: > I had a recent request to improve security on my web servers by having each > website use a different user to run the hosting service. So > example1.comhas it's own Apache instance running as apache1 and then > example2.com has its own instance of Apache as apache2. Is this even > possible or realistic? I understand the idea of how that would be secure, Easily doable with an other instance of Apache acting as the proxy. This Apache can be yet an other "can't do anything"-style locked-down instance which only proxies virtual hosts to separate Apache instances. You can set up as many Apaches running on separate internal ports (i.e. 127.0.0.1:8881, 127.0.0.1:8882 etc). and then use proxypass to forward virtual servers. I use a similar setup at home where locked-down virtual machines run all by themselves and the front-facing Apache simply matches the VirtualHost name and passes it down. The only thing I can't do is using a separate certificate for HTTPS for every one of them.