To make a long story short, my web server hosting about 30 domains was originally built using the "Perfect Server Ubuntu 12.04 ---etc" and had been purring along until about a month ago (with weekly patches) when it became the target of low grade Denial of Service attacks that would lock up the server - IOTOP showed as many as 10 instances of Apache continuously reading the hard drive at one time. I went through many recursions of adding IP address block drops to the firewall (mostly Chinese IPs, but as those were eventually closed the attackers started routing through TOR nodes and using scattered botnet nodes), modifying Apache to reduce timeouts, etc. but it never really stopped for more than a few hours at a time. So I gritted my teeth and ran "do-release-upgrade" in hopes newer software might help. After the usual debugging I was able to get Apache 2.4 running and all the conventional html sites now work. HOWEVER, all the Wordpress sites are broken with 500 errors, and Apache does not want to stop and start cleanly - it is giving PID error messages Here is a typical Apache error log entry [Mon May 04 21:04:07.772916 2015] [:error] [pid 7147] [client 184.108.40.206:59755] SoftException in Application.cpp:299: Script "/home/../index.php" resolving to "/home/../index.php" not within configured docroot [Mon May 04 21:04:07.775012 2015] [core:error] [pid 7147] [client 220.127.116.11:59755] End of script output before headers: index.php I'm guessing that the problem is NOT within Apache or Wordpress, but in the php scripts that glue Apache, MySQL and Wordpress together. Specifically, I may have some remnants of the ISPConfig code floating around that seem to be the disconnects. Does anyone have some insight as to how to troubleshoot this mess?