How to Enable Shell Fork Bomb Protection in WHM?

Posted on April 23rd, 2018

Shell Fork Bomb Protection prevent Telnet/SSH users using all of the server resources and causing a system crash. Basically, it is a script that creates many processes very fast by using fork (). By doing this, they are able to prevent the system by filling up the process table to the point that you can’t even use “ps” in which you won’t be able to detect who did it.

1) Login to WHM.

2) Navigate to “Security Center”.

Enable shell bomb protection

 

3) Click on “Shell Fork Bomb Protection” icon.

Enable shell bomb protection

 

 

4) Click on “Enable Protection” button to enable this feature.

Enable shell bomb protection

 

After you enabled the protection, the below limits are available to protect the server.

Limit           Option      Description

200000            -c         Limits the maximum size of core files created.

200000            -d         Limits the maximum size of a process’s data segment.

200000            -m        Limits the maximum resident set size.

100                     -n         Limits the maximum number of open-file descriptors.

8192                    -s         Limits the maximum stack size.

35                        -u         Limits the maximum number of processes available to a single user.

200000              -v         Limits the maximum amount of virtual memory available for the process.

Note: The “u” option limits bash shell users (default for cPanel users) to 35 processes each.

 

You can also do the same via command line.

1) Login to SSH via root.

2) Execute the below command to enable “Shell Fork Bomb Protection”.

perl -I/usr/local/cpanel -MCpanel::LoginProfile -le ‘print [Cpanel::LoginProfile::install_profile(‘limits’)]->[1];’

3) Then you need to restart cPanel service using the below command.

# service cpanel restart

4) You can also disable Shell Fork Bomb Protection by executing the below command.

perl -I/usr/local/cpanel -MCpanel::LoginProfile -le ‘print [Cpanel::LoginProfile::remove_profile(‘limits’)]->[1];’

5) Again need to restart the cPanel service.

# service cpanel restart

But we recommend you to enable this feature via WHM API.

 

If you need any further help please do reach our support department.

 

 

Leave a Reply