OWASP mod_security to help /tmp execution

S

subtopic

Member
Aug 30, 2018
16
1
3
95050
cPanel Access Level
Root Administrator
Hi there.

Is there a specific rule that I could enable to help harden the /tmp folder found in each of my clients child cpanel accounts? Such as
Code: 
/home/user/tmp
Hackers are uploading a trojan shell in those tmp folders for many of my clients, and then executing it inside of it.

I have researched it like crazy, and even tried mounting it as
Code: 
noexec,nosuid
But as this guide says, that isn't even enough.

So I was hoping OWASP rules could help.

Thank you.
 
cPanelLauren

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,265
1,298
363
Houston
Hi @subtopic

You might have more/better results with this in forums specific for mod security:

ModSecurity / Discussion / Forums
Free Modsecurity rules - Comodo Web Application Firewall

The rulesets that come with the default installation of the OWASP mod_security vendor are the only ones we are able to provide support for, what you're requesting a custom rule for /home/$user/tmp and while there may be some here who can definitely answer that question you might also want to check the suggested forums as well.

Thanks!
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
A Google bot triggering OWASP modsecurity rule 949110 Security 6
bejbi ModSecurity OWASP blocking GTMetrix Security 1
M [SOLVED] Update OWASP CRS? Security 16
S OWASP mod_security breaking Wordpress page save Security 4
C OWASP mod_security rules not triggering CSF IP block anymore... Security 12
Similar threads
Google bot triggering OWASP modsecurity rule 949110
ModSecurity OWASP blocking GTMetrix
[SOLVED] Update OWASP CRS?
OWASP mod_security breaking Wordpress page save
OWASP mod_security rules not triggering CSF IP block anymore...
Top Bottom