Many time hackers target /tmp, /var/tmp partition to upload the hacking script because tmp partition is used to store the session and temporary file and nobody user can execute the command from tmp partition therefore its always better to secure the tmp partition.
If your server using the cPanel control panel then run the following command from the shell.
/scripts/securetmp
If your server is plain or using any other control panel the run the following command.
mount -o loop,noexec,nosuid,rw /dev/tmp
Now check the /et/fstab file and confirm the /tmp partition values, it must have option loop,noexec,nosuid,rw.
