New thread for a discussion on the pros and cons of using mod_php vs. suexec+fcgid vs. php-fpm
Discussion began here:
From this page, php-fpm seems like a popularly used setup: http://blog.kmp.or.at/2013/06/apache-2-2-on-debian-wheezy-w-php-fpm-fast...
The classic solution to running unsafe extensions while serving large numbers (>100) of concurrent connections is to run PHP on fastCGI (mod_fcgid, a native apache module) and proxy dynamic requests to that from an apache instance that runs the Worker MPM.
This would enable you to scale from a few hundred up to >1000 concurrent connections with a modest amount of memory (4~8GB) when serving a mix of static and dynamic content.
Of course, you should also investigate front-end caching solutions as part of your overall deployment (memcached, varnish).
Alternatively, upgrade to apache 2.4 and its native event MPM, which handles concurrency in a much improved fashion (threads are fired off upon connection, not waiting to be polled.)