Shell Fork Bomb Protection is a WHM security feature that prevents users with terminal access (SSH or Telnet) from consuming all server resources through a fork bomb — a type of attack where a process rapidly creates copies of itself until the server becomes unresponsive. When enabled, the system applies ulimit restrictions to limit each user to a maximum of 35 processes.
Step 1: Log in to WHM
Open your browser and navigate to your server's WHM login page (typically https://your-server-ip:2087 or https://hostname:2087). Log in with your root or reseller credentials.
Step 2: Open Shell Fork Bomb Protection
In the WHM sidebar, navigate to Home » Security Center » Shell Fork Bomb Protection.
Step 3: Disable the Protection
Click the Disable Protection button. This allows users who have terminal access to run an unlimited number of processes.
Step 4: Confirm the Change
The page will update to show that fork bomb protection is currently disabled. The change takes effect immediately.
Understanding the ulimit Restrictions
When fork bomb protection is enabled, the following limits are applied to cPanel users with bash shell access:
- 35 maximum processes per user (-u)
- 100 maximum open file descriptors (-n)
- 200000 KB maximum core file size (-c)
- 200000 KB maximum data segment size (-d)
- 200000 KB maximum resident set size (-m)
- 8192 KB maximum stack size (-s)
- Unlimited virtual memory (-v)
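To check whether these limits are actually in force for a given shell session, the following added example (not cPanel code and not part of the original page) compares the session's soft limits with the values listed above. The function names and the `--audit` argument are assumptions of this example.

```bash
#!/bin/bash
# Added example (not cPanel code): compare this shell's soft limits with the
# values the page lists for Shell Fork Bomb Protection. Sizes are in KB.

# flag:expected pairs copied from the list above.
EXPECTED_LIMITS="u:35 n:100 c:200000 d:200000 m:200000 s:8192 v:unlimited"

# compare_limit EXPECTED ACTUAL (hypothetical helper)
# Prints "match", "looser" (actual allows more) or "tighter" (actual allows less).
compare_limit() {
    cl_expected=$1
    cl_actual=$2
    if [ "$cl_expected" = "$cl_actual" ]; then
        echo match
    elif [ "$cl_actual" = unlimited ]; then
        echo looser
    elif [ "$cl_expected" = unlimited ]; then
        echo tighter
    elif [ "$cl_actual" -gt "$cl_expected" ]; then
        echo looser
    else
        echo tighter
    fi
}

# audit_limits (hypothetical helper): one report line per limit.
# Returns 1 if any limit is looser than the listed value or cannot be read.
audit_limits() {
    al_status=0
    for al_pair in $EXPECTED_LIMITS; do
        al_flag=${al_pair%%:*}
        al_expected=${al_pair#*:}
        if al_actual=$(ulimit -S "-$al_flag" 2>/dev/null); then
            al_verdict=$(compare_limit "$al_expected" "$al_actual")
        else
            al_actual=unreadable
            al_verdict=unknown
        fi
        printf 'ulimit -%s  expected=%-9s actual=%-9s %s\n' \
            "$al_flag" "$al_expected" "$al_actual" "$al_verdict"
        case $al_verdict in looser|unknown) al_status=1 ;; esac
    done
    return "$al_status"
}

# Run the audit only when asked, e.g.: bash check_limits.sh --audit
case "${1:-}" in --audit) audit_limits ;; esac
```

Run it from an SSH session as the cPanel user whose limits you want to verify, since the values reported are those of the calling shell.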
Important Notes
- Security warning: Disabling fork bomb protection means any user with SSH access could accidentally or intentionally exhaust server resources, causing the server to become unresponsive.
- Only disable if necessary: Some applications or scripts may require more than 35 concurrent processes. If that is the case, consider adjusting the ulimit values manually instead of disabling protection entirely.
- Applies to bash shell users: This protection specifically limits cPanel users who have bash shell access (the default shell for cPanel users).
Troubleshooting
- "Too many processes" errors in SSH: This means fork bomb protection is enabled and the user has hit the 35-process limit. Either re-enable protection and increase limits via /etc/security/limits.conf, or disable protection if the user needs more processes.
- Cannot find the option: Search for "fork bomb" in the WHM sidebar. If it does not appear, ensure you have root access (not just reseller access).
- Want to re-enable protection: Return to Home » Security Center » Shell Fork Bomb Protection and click Enable Protection.
Reference: cPanel & WHM Documentation — Shell Fork Bomb Protection