Why we don't use mod_php
Security for your site
It is not possible to make
mod_php available on your account in a
secure fashion, as your account is hosted on a shared server. Many users'
webpages are served by the same server process. The webserver is configured to
run any CGI scripts under the user id of the owner of the webpage, rather than
the user id of the web server process. This means that your CGI scripts need
only be readable by your user id, so it is possible to include sensitive data
(such as database passwords) safely in your scripts, and other users will not
be able to access it.
It is not possible to configure the web server to run
under a different user id, as they are, by design, run as part of the server
process. This means that all users' scripts would be run under the same user
id, and it would be impossible for them to safely include sensitive data.
Having user scripts executed under the same user id as the web server process
also has other security implications on a shared system.