Secure /tmp and /var/tmp OpenVZ


Many administrators increase their server’s security by running securetmp on their VPSs. It is especially important to do this on shared servers such as cPanel. This is a quick guide on how to secure your /tmp directory on an OpenVZ VPS, where the procedure is different from that on a normal server.

First open fstab using nano, or your chosen editor:

nano -w /etc/fstab

Next, append the following line to the fstab file you just opened:

none /tmp tmpfs nodev,nosuid,noexec 0 0

If you opened the file using nano, you can now close it with Ctrl+X and then answer “y” to save.

To apply the changes, we now simply need to remount:

mount -o remount /tmp

It’s always a good idea to test that it worked, so run the following command:

df -h

Within the output you should see something like:

none          4.1G   0  4.1G   3% /tmp

There is also a /var/tmp directory that needs to be secured.

First make a backup (don’t skip this step; you need the files in a bit):

mv /var/tmp /var/tmpfiles

We can now make /var/tmp a symbolic link that points to /tmp:

ln -s /tmp /var/tmp

Restore the files from the backup you made before (cp -a also copies subdirectories and hidden files, and keeps ownership and permissions):

cp -a /var/tmpfiles/. /tmp/

Make sure that the files in tmpfiles are now in tmp:

ls /var/tmpfiles

ls /var/tmp

If it looks OK, you can remove the tmpfiles directory:

rm -rf /var/tmpfiles

 

thanks zany
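
A check for the result of the steps above, added here as an example and not part of the original guide: it reads mount options in /proc/mounts format and confirms that /var/tmp is a symlink to /tmp. The function names, the --live and --demo switches and the sample mount lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: verify the /tmp and /var/tmp hardening described above.

# check_mount_opts MOUNTS_FILE MOUNTPOINT
# Succeeds only if the last entry for MOUNTPOINT in a /proc/mounts-format
# file carries nodev, nosuid and noexec (a later mount shadows earlier ones).
check_mount_opts() {
    opts=$(awk -v t="$2" '$2 == t { o = $4 } END { print o }' "$1")
    [ -n "$opts" ] || { echo "FAIL: $2 is not a separate mount"; return 1; }
    for want in nodev nosuid noexec; do
        case ",$opts," in
            *",$want,"*) ;;
            *) echo "FAIL: $2 lacks $want (options: $opts)"; return 1 ;;
        esac
    done
    echo "OK: $2 mounted with $opts"
}

# check_symlink LINK TARGET
# Succeeds only if LINK is a symbolic link whose stored target is TARGET.
check_symlink() {
    [ -L "$1" ] || { echo "FAIL: $1 is not a symlink"; return 1; }
    dest=$(readlink "$1")
    [ "$dest" = "$2" ] || { echo "FAIL: $1 points to $dest"; return 1; }
    echo "OK: $1 -> $2"
}

# demo: run the mount check on constructed sample lines (not real output).
demo() {
    sample=$(mktemp) || return 2
    printf '%s\n' '/dev/simfs / simfs rw,relatime 0 0' \
        'none /tmp tmpfs rw,nosuid,nodev,relatime 0 0' > "$sample"
    check_mount_opts "$sample" /tmp || true   # reports the missing noexec
    printf '%s\n' 'none /tmp tmpfs rw,nosuid,nodev,noexec,relatime 0 0' >> "$sample"
    check_mount_opts "$sample" /tmp           # passes: the last entry wins
    rc=$?
    rm -f "$sample"
    return $rc
}

# --live checks the running system; --demo uses the constructed sample.
case "${1:-}" in
    --live) check_mount_opts /proc/mounts /tmp && check_symlink /var/tmp /tmp ;;
    --demo) demo ;;
esac
```

The df -h output only shows that something is mounted on /tmp; the options themselves are visible in /proc/mounts, which is what the --live mode reads.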

