How to Enable Shell Fork Bomb Protection in WHM?

How to Enable Shell Fork Bomb Protection in WHM?

Shell Fork Bomb Protection prevent Telnet/SSH users using all of the server resources and causing a system crash. Basically, it is a script that creates many processes very fast by using fork (). By doing this, they are able to prevent the system by filling up the process table to the point that you can’t even use “ps” in which you won’t be able to detect who did it.

1) Login to WHM.

2) Navigate to “Security Center”.

How to Enable Shell Fork Bomb Protection in WHM?

 

3) Click on “Shell Fork Bomb Protection” icon.

How to Enable Shell Fork Bomb Protection in WHM?

 

 

4) Click on “Enable Protection” button to enable this feature.

How to Enable Shell Fork Bomb Protection in WHM?

 

After you enabled the protection, the below limits are available to protect the server.

Limit           Option      Description

200000            -c         Limits the maximum size of core files created.

200000            -d         Limits the maximum size of a process’s data segment.

200000            -m        Limits the maximum resident set size.

100                     -n         Limits the maximum number of open-file descriptors.

8192                    -s         Limits the maximum stack size.

35                        -u         Limits the maximum number of processes available to a single user.

200000              -v         Limits the maximum amount of virtual memory available for the process.

Note: The “u” option limits bash shell users (default for cPanel users) to 35 processes each.

 

You can also do the same via command line.

1) Login to SSH via root.

2) Execute the below command to enable “Shell Fork Bomb Protection”.

perl -I/usr/local/cpanel -MCpanel::LoginProfile -le ‘print [Cpanel::LoginProfile::install_profile(‘limits’)]->[1];’

3) Then you need to restart cPanel service using the below command.

# service cpanel restart

4) You can also disable Shell Fork Bomb Protection by executing the below command.

perl -I/usr/local/cpanel -MCpanel::LoginProfile -le ‘print [Cpanel::LoginProfile::remove_profile(‘limits’)]->[1];’

5) Again need to restart the cPanel service.

# service cpanel restart

But we recommend you to enable this feature via WHM API.

If you need any further help please do reach our support department.

  • 0

How to Enable Plaintext Authentication in Dovecot?

How to Enable Plaintext Authentication in Dovecot? Dovecot is an IMAP or POP3 server for...

Install Apache Tomcat using EasyApache4

Install Apache Tomcat using EasyApache4 The Apache Tomcat is an Apache module that provides a...

How to Enable Extended Logging in Exim

How to Enable Extended Logging in Exim The extended Exim logs in cPanel server will help you to...

Maximum number of connections from user+IP exceeded

Maximum number of connections from user+IP exceeded If you are getting an error like ‘ Error –...

How To Set Up Remote Access Key in WHM

How To Set Up Remote Access Key in WHM Remote Access Key is a cPanel feature that allows...