InformationThe Apache directories and files should be set to have a group of root (or a root equivalent group). This applies to all the Apache software directories and files installed. The only expected exception is that the Apache web document root ('$APACHE_PREFIX/htdocs') is likely to need a designated group to allow web content to be updated (such as 'webupdate') through a change management process.
Securing Apache files and directories will reduce the probability of unauthorized modifications.
SolutionPerform the following:
Set the group on the $'APACHE_PREFIX' directories, such as '/usr/local/apache2':
$ chgrp -R root $APACHE_PREFIX