The Apache server is installed within a Linux distribution with SELinux enabled. SELinux by default denies Apache to read files in /home folders. By using ls -Z one can check SELinux labels of files. In my case, while usual (DAC) permissions were the same and there were no ACLs set, SELinux context was different:
Next one is readable from Apache daemon and scripts:
unconfined_u:object_r:httpd_sys_content_t:
Next one is the file that SELinux denies access to Apache:
unconfined_u:object_r:user_home_t