Dear List,

I had implemented Mod Security 1.9 in a Debian 3 Server. My Apache Version is 1.3, and log says that its working fine. I had secured my /tmp /var/tmp /dev/shm directories. And umounted in /etc/fstab. But Yesterday,one attacker had upload a perl script into my /tmp directory.
Please let me know which SecFilter rule should I add to prevent a intruder to uploading Perl/Sh/Chsh scripts into the /tmp directories.

Thanks in Advance.