Why we don't use mod_php

It is not possible to make mod_php available on your account in a secure fashion, as your account is hosted on a shared server. Many users' webpages are served by the same server process. The webserver is configured to run any CGI scripts under the user id of the owner of the webpage, rather than the user id of the web server process. This means that your CGI scripts need only be readable by your user id, so it is possible to include sensitive data (such as database passwords) safely in your scripts, and other users will not be able to access it.

It is not possible to configure the web server to run mod_php scripts under a different user id, as they are, by design, run as part of the server process. This means that all users' scripts would be run under the same user id, and it would be impossible for them to safely include sensitive data. Having user scripts executed under the same user id as the web server process also has other security implications on a shared system.