Obviously websites need to be readable by the Apache process
in order to get served to web visitors. Is there a best practices
for securing the website directories so that users can't find each
others websites through the file system? Perhaps ownership by
the user with group ownership by apache and no "other" perms?
Or is there a more common approach that's better to be used?