How do I stop Apache from running as root?

It is unusual to find Apache running as root in any stock configuration. How have you determined that Apache is running as root? Note that Apache must start up as root in order to bind to privileged ports, but typically sheds its privileges later on.

You can look in your Apache configuration (often in /etc/httpd or /etc/apache2, depending on your distribution) for the User and Group directives (documented here). These two directives control under what user id Apache runs.

It is also unusual to find a system that has "no other groups or users". What do getent passwd and getent group show? Are there really no other users or groups other than root? Most distributions ship with an apache or www-data user or somesuch and a matching configuration that will run Apache as that user.

There are a variety of introductory guides out there to Apache configuration and security. A simple Google search yields many likely looking results. The RedHat/CentOS Deployment Guide is a good place to start (if you're on a RedHat/CentOS system).