It was mentioned somewhere that to have session.save_path pointed into /tmp is not very secure, as a hacker with a hosting account on your server might hijack a session file from a neighbor site, if he (or she) manages to get list of files located in /tmp. To prevent this you might want to store sessions under user's home directory.
If you decided to use Modsecurity on your server with DirectAdmin, there is sometimes a need to disable the module for a particular domain (virtual host). And here I'm going to describe how to achieve the desired.
Plugins are scripts which you create, allowing you to let your Users to do tasks, but only with the process level of their own user ID*.
Plugins are quite simple, they're basically just a list of files, extracted to a directory, some of which are scripts to execute code you want. Included in the files are also "hooks", data that is inserted into the DA skins allowing you to add links to your plugin from DA itself.