In this post, we will demonstrate how you can add /tmp security in Centos7.
Primarily, a Centos7 server terminal is needed.
The servers are not safe when cyber criminals attempt to hack systems or servers by utilizing a hacking script. Nobody is aware of how to prevent these cyber criminals from putting these kinds of scripts on the computer system.
And this is where /tmp security comes in, it gives us the ability to defend our systems against any kind of attack.
To prevent hackers from running scripts on the server, we employ /tmp.
It is incredibly challenging to breach the /tmp’s security. With the use of this technique, several different brute-force attacks and PHP injection rootkits may be stopped.
Follow these steps to add /tmp security:
- On your hard disc, create a 2000MB or 1000MB /tmp partition.
For 2000Mb, type this command.
“ #dd if=/dev/zero of=/var/tmpMount bs=1024 count=2000000 “
To send 1000MB, type this command.
“ #dd if=/dev/zero of=/var/tmpMount bs=1024 count=1000000 “
- The ext3 extension is used by the partition format.
“ #mkfs.ext3 /var/tmpMount “
Press “Y” once the instruction has been executed.
- Duplicate the /tmp folder. We won’t have a problem because we have a backup plan in case something goes wrong.
“ #cp -R /tmp /tmpbak “
- Mount the /tmp filesystem now with the noexec option: noexec (script cannot be implemented because it doesn’t have the authorization to run). It is not allowed to let any hacking script operate on that system.
“ #mount -o loop,noexec,nosuid,rw /var/tmpMount /tmp “
- The /tmp folder should be accessible. The /tmp subdirectory consequently has complete access to all files and directories.
“ #chmod 1777 /tmp “
- Replace the tmp backup folder with the /tmp folder.
“ #cp -R /tmpbak/* /tmp/ “
“ #rm -rf /tmpbak “
- Create a permanent mount point for the /tmp partition now by editing the /etc/fstab file. However, before you do anything else, create a backup of the /etc/fstab file since it is crucial and if you make a mistake, your server will crash.
“ #vim /etc/fstab “
Here, add one more line.
“ /var/tmpMount /tmp ext2 loop,noexec,nosuid,rw 0 0 “
“ Save this file with this command: wq “
After making any alterations to /etc/fstab, be sure to run #mount -a to make sure you didn’t make any errors.
If mount -a executes without generating any errors, everything has been configured properly. The occurrence of an error proves that you made a mistake.
Any script you attempt to run will now be denied permission if you mount /tmp using the noexec option.
- For /tmp, build a symbolic link.
“ #cp -rvf /var/tmp /var/tmpbak “
“ #ln -s /tmp /var/tmp “
“ #cp -R /var/tmpbak/* /tmp/ “
“ #rm -rf /var/tmpbak “
- Secure the /dev/shm folder now in /etc/fstab with noexec permission.
“ #vim /etc/fstab “
Insert this line
“ tmpfs /dev/shm tmpfs defaults,nosuid,noexec,rw 0 0 “
- Now, Mount temporary /dev/shm
“ #mount -o remount /dev/shm “
You may effectively add /tmp security Centos7 in this manner.
For more information or assistance, you can reach out to our round-the-clock customer support team who would gladly assist you with any query.