InformationThe apache account must not be used as a regular login account, and should be assigned an invalid or nologin shell to ensure that the account cannot be used to login.
Service accounts such as the apache account represent a risk if they can be used to get a login shell to the system.
SolutionChange the apache account to use the nologin shell or an invalid shell such as /dev/null:
# chsh -s /sbin/nologin apache
The default Apache user account is daemon. The daemon account may have a valid login shell or a shell of /sbin/nologin depending on the operating system distribution version.