Need secure temporary file in web server setup

I was doing some checks on my website and realized that gzip files where stored in a publicly accessible temporary folder.

Is there a way to set htaccess and php.ini etc in a way to ensure that programs only use my local directory to store any temp files.

I am prepared to recompile PHP but the Apache side I can’t do much about, so that boils down to the .htaccess configuration
My system is setup in PHP CGI mode

Visible not accessible. Note the permissions. You can KNOW about it publicly, you just can’t DO anything with them if you’re not the owner.

Regarding private tmp, someone else will have to answer.