Information
The 'PidFile' directive sets the path of the file in which the server records its process ID (pid). The pid is useful for sending a signal to the server process or checking on the health of the process.
Rationale:
If the 'PidFile' is placed in a directory that other accounts can write to, those accounts could cause a denial of service and prevent the server from starting by creating a pid file with the same name.
Solution
Perform these steps to secure the pid file:
1. Find the directory in which the 'PidFile' would be created. The default value is the 'ServerRoot/logs' directory.
2. Change the 'PidFile' directory if it is within the Apache 'DocumentRoot'.
3. Change the ownership and group of the directory to be 'root:root'.
4. Change the permissions for the directory so that it is only writable by root, or the user under which Apache initially starts up (default is root).
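
The four steps above can be checked with a short audit script. This is an added example, not part of the original benchmark text; the function names and the optional expected-owner argument are hypothetical, and the paths in the usage comment are assumptions to replace with your own 'ServerRoot' and 'DocumentRoot'.

```sh
#!/bin/sh
# Added example: audit the directory that will hold Apache's PidFile.

# Succeeds if directory $1 is the same as, or below, directory $2 (symlinks resolved).
is_within() {
    child=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    parent=$(cd "$2" 2>/dev/null && pwd -P) || return 2
    case "${child%/}/" in
        "${parent%/}"/*) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints "owner:group" of directory $1, taken from `ls -ld`.
dir_owner() {
    ls -ld "$1" | awk '{ print $3 ":" $4 }'
}

# Succeeds if directory $1 is writable by group or other.
is_group_or_other_writable() {
    mode=$(ls -ld "$1" | cut -c1-10)
    case "$mode" in
        d????w????|d???????w?) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_pid_dir PIDFILE_DIR DOCUMENT_ROOT [EXPECTED_OWNER, default root:root]
# Prints one line per failed step; the return status is the number of findings.
audit_pid_dir() {
    dir=$1 docroot=$2 want=${3:-root:root} findings=0
    [ -d "$dir" ] || { echo "FAIL: $dir is not a directory"; return 1; }
    if is_within "$dir" "$docroot"; then
        echo "FAIL: $dir is inside DocumentRoot $docroot"; findings=$((findings + 1))
    fi
    owner=$(dir_owner "$dir")
    if [ "$owner" != "$want" ]; then
        echo "FAIL: $dir is owned by $owner, expected $want"; findings=$((findings + 1))
    fi
    if is_group_or_other_writable "$dir"; then
        echo "FAIL: $dir is writable by group or other"; findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ] && echo "PASS: $dir"
    return "$findings"
}

# Usage (assumed paths): audit_pid_dir /usr/local/apache2/logs /usr/local/apache2/htdocs
```

A sibling directory whose name merely starts with the 'DocumentRoot' name (for example `htdocs-old` next to `htdocs`) is not reported as inside it, because the comparison is made on whole path components.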