value for upload_tmp_dir

**Kailash1** · 06-21-2009 06:09 AM

Hi,

What should we set for upload_tmp_dir in php.ini for shared hosting server (suPHP disabled)?

Thanks,

**jasonhk** · 06-21-2009 10:08 AM

Originally Posted by Kailash1

Hi,

What should we set for upload_tmp_dir in php.ini for shared hosting server (suPHP disabled)?

Thanks,

I think it's normally blank and defaults to /tmp

**PlatinumServerM** · 06-21-2009 10:40 PM

Yes /tmp is the common value for that

**Spiral** · 06-22-2009 03:06 AM

Originally Posted by PlatinumServerM

Yes /tmp is the common value for that

While on the issue of /tmp, something worth noting not so much
for you as much as for the benefit of everyone reading this thread ....

Most servers generally have /tmp setup incorrectly for security
by default and this is one of the largest and most exploited
security holes that is ironically most often overlooked when
most people try to harden the security on their servers.

The good news is this is an easy issue to fix ...

Though it doesn't always work, cpanel provides a script that may help:

Code:

# /scripts/securetmp 

Would you like to secure /tmp & /var/tmp at boot time? (y/n) y
Would you like to secure /tmp & /var/tmp now? (y/n) y

It is a good idea to double check things ...

1. Edit your /etc/fstab file and look for the line that says "/dev/shm"
and you may see something like the following:

Code:

tmpfs     /dev/shm       tmpfs   defaults   0 0

If it isn't already set as below, change the line to the following:

Code:

tmpfs     /dev/shm       tmpfs   noexec,nosuid   0 0

2. Remount the partition ('mount -o remount /dev/shm')

LinkBack

Thread Tools

value for upload_tmp_dir

WHM Information (RE: upload_tmp_dir and PHP)