Shell Fork Bomb Protection

Shell Fork Bomb Protection

This feature will prevent users with terminal access (SSH or Telnet) from using up the system’s resources and potentially crashing your web server via a malicious attack known as a fork bomb.

Fork bombs work by starting a cascade of small processes that duplicate themselves until the server’s resources are depleted. WHM includes this feature to protect your server against fork bombs.

To enable or disable shell fork bomb protection:

Click Enable Protection or Disable Protection.

After you have enabled shell fork bomb protection, the following limits are available to better protect the server:

Limit Option Description

200000 -c Limits the maximum size of core files created.

200000 -d Limits the maximum size of a process’s data segment.

200000 -m Limits the maximum resident set size.

100           -n Limits the maximum number of open-file descriptors.

8192       -s Limits the maximum stack size.

35          -u Limits the maximum number of processes available to a single user.

200000 -v Limits the maximum amount of virtual memory available for the process.

Note: The “u” option limits bash shell users (default for cPanel users) to 35 processes each.