FastCGI and separate PHP processes per user, of course.
It doesn't make any sense at all to bloat your Apache with mod_php. If you have 200 Apache processes, of which 10 are needed for PHP, the (non-trivial, these days) memory space of 190 PHP interpreters sits idle. It can't even be swapped out because the set of Apache processes working on PHP requests constantly changes.
Using FastCGI, you have 10 busy PHP interpreters and 190 "normal" Apache (or lighttp or ) processors, and you get to run each customer's PHP stuff under their own UID instead of having global access to anything that's readable by www_data when (not if) the next security hole is discovered.