OWASP mod_security to help /tmp execution

subtopic

Member
Aug 30, 2018
16
1
3
95050
cPanel Access Level
Root Administrator
Hi there.

Is there a specific rule that I could enable to help harden the /tmp folder found in each of my clients child cpanel accounts? Such as
Code:
/home/user/tmp
Hackers are uploading a trojan shell in those tmp folders for many of my clients, and then executing it inside of it.

I have researched it like crazy, and even tried mounting it as
Code:
noexec,nosuid
But as this guide says, that isn't even enough.

So I was hoping OWASP rules could help.

Thank you.
 

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,274
1,292
313
Houston
Hi @subtopic

You might have more/better results with this in forums specific for mod security:

ModSecurity / Discussion / Forums
Free Modsecurity rules - Comodo Web Application Firewall

The rulesets that come with the default installation of the OWASP mod_security vendor are the only ones we are able to provide support for, what you're requesting a custom rule for /home/$user/tmp and while there may be some here who can definitely answer that question you might also want to check the suggested forums as well.

Thanks!