Thank you Falco for your fast answer!
I'm aware of this link from Apache documentation but I have some questions there: Apache suggests the use of httpd.conf file whereas you suggest to write files at /var/www/ directory. Which approach is better?
Apache suggest to use mod_vhost_alias or mod_rewrite. Is some method better than the other? I think the first one is simpler.
There is another think I'm wondering about after reading this article some time ago: http://jp-larocque.livejournal.com/49475.html
The writer implies that some php can run under suExec with user writes and some other "non-userdir FastCGI scripts" to NOT use suEXEC. For that reason he gives a hack, a FastCGI wrapper hack script at /usr/local/sbin/fastcgi-suexec-hack:
# This hack exists exclusively to work around the restriction that
# FastCGI wrappers (e.g. suEXEC) are an all-or-nothing ordeal. Thou
# shalt not enable wrappers for userdirs but not for the whole site.
# Thou shalt not configure non-userdir FastCGI scripts to use suEXEC
# or thou shall suffer my wrath of mysterious suexec policy violation
# notices for 7 generations.
a php library
case "$(pwd)/" in
exec /usr/lib/apache2/suexec "$username" "$group" "$application";;
application_abs="$(readlink -f "$application")"
(my first language is not English and I need Oxford dictionary to understand "thou shall"!!)
My question is this: can I mix user php code with user permissions with a php library that has boarder permissions and runs as a www-data or even a user from the sudoers group??
(some require_once headers should import the php library but what is required is the user NOT to be able to hack that library)