Reseller Web Hosting Offers:

Shell Fork Bomb Protection in Cpanel sever?

Shell Fork Bomb Protection cpanel feature prevents users with terminal access SSH from using system resources and potentially crashing your web server through a malicious attack known as a fork bomb. Fork bombs work by starting with a cascade of small processes that doubles until server resources are exhausted. This feature prevents SSH users with commands from consuming the entire load of the server. It is a new feature introduced in cPanel version – 11.30

How to enable Via WHM :


Home > Security Center > Shell Fork Bomb Protection > Enable protection


How to enable Via ssh :


To prevent users who have terminal access (SSH/Telnet) the ability to use all of the resources on the server, you should enable Shell Fork Bomb Protection.


1.Login to SSH via root.


2.Execute the below command in the SSH: 


perl -I/usr/local/cpanel -MCpanel::LoginProfile -le ‘print [Cpanel::LoginProfile::install_profile(‘limits’)]->[1];’ 


3. Restart the cPanel


service cpanel restart


After you have enabled shell fork bomb protection, the following limits are available to better protect the server:

How to disable Via WHM :


Home > Security Center > Shell Fork Bomb Protection > Disable protection


How to disable Via ssh :
1.Login to SSH via root.
2.Execute the below command in the SSH: 
perl -I/usr/local/cpanel -MCpanel::LoginProfile -le ‘print [Cpanel::LoginProfile::remove_profile(‘limits’)]->[1];’
3.Restart the cPanel
service cpanel restart

After you have enabled shell fork bomb protection, the following limits are available to better protect the server:

Limit Option Description
200000 -c Limits the maximum size of core files created.
200000 -d Limits the maximum size of a process’s data segment.
200000 -m Limits the maximum resident set size.
100 -n Limits the maximum number of open-file descriptors.
8192 -s Limits the maximum stack size.
35 -u Limits the maximum number of processes available to a single user.
Unlimited -v The amount of virtual memory available for the processes

Note: The “u” option limits bash shell users (default for cPanel users) to 35 processes each.

Important note : If you want to customize the service, you can modify the limits by editing /etc/profile file. 

How to disable Via WHM :


Home > Security Center > Shell Fork Bomb Protection > Disable protection
How to disable Via ssh :


1.Login to SSH via root.
2.Execute the below command in the SSH: 
perl -I/usr/local/cpanel -MCpanel::LoginProfile -le ‘print [Cpanel::LoginProfile::remove_profile(‘limits’)]->[1];’
3.Restart the cPanel
service cpanel restart


Important note : If you have a WordPress,  the Shell Fork Bomb Protection can conflict with certain caching plugins (like W3 Total Cache) so if you have any caching plugins installed and running on your sites go ahead and disable the protection to prevent issues if the use of the plugin is crucial to the functionality of your site.