3.9 Ensure the Pid File Is Secured - 'PidFile directory'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


The PidFile directive sets the file path to the process ID file to which the server records the process id of the server, which is useful for sending a signal to the server process or for checking on the health of the process.


If the PidFile is placed in a writable directory, other accounts could create a denial of service attack and prevent the server from starting by creating a PID file with the same name.


Find the directory in which the PidFile would be created. The default value is the ServerRoot/logs directory.

Modify the directory if the PidFile is in a directory within the Apache 'DocumentRoot'.

Change the ownership and group to be root:root, if not already.

Change the permissions so that the directory is only writable by root, or the user under which Apache initially starts up (default is root).

Default Value:

The default process ID file is logs/httpd.pid.

See Also