something is wrong with your upload_tmp_dir security test
This is an excerpt of phpinfo() on my matomo instance
upload_tmp_dir | /home/xxx/tmp_php | /home/xxx/tmp_php
and this is the directory to it :
drwx------ 2 xxx xxx 4096 Sep 26 19:33 tmp_php
When running the test I always get
"upload_tmp_dir is disabled, or is set to a common world-writable directory. This typically allows other users on this server to access temporary copies of files uploaded via your PHP scripts. You should set upload_tmp_dir to a non-world-readable directory"