Shell Fork Bomb Protection is a WHM security feature that limits the number of processes a user with shell (SSH) access can run. A fork bomb is a type of denial-of-service attack where a process continuously creates copies of itself, quickly consuming all available system resources and causing the server to become unresponsive. This protection uses ulimit to enforce process limits per user.

Steps to Disable Shell Fork Bomb Protection

  1. Log in to WHM as the root user.
  2. Navigate to Home » Security Center » Shell Fork Bomb Protection.
  3. Click Disable Protection to turn off fork bomb protection for users with terminal access.
  4. A confirmation message will appear indicating that protection has been disabled.

You can re-enable protection at any time by returning to the same page and clicking Enable Protection.

Default Protection Limits (When Enabled)

When fork bomb protection is active, WHM applies the following ulimit restrictions to each user:

  • 35 processes (-u) — Maximum concurrent processes per user. This is the key protection against fork bombs.
  • 100 open file descriptors (-n) — Limits the number of files a process can have open simultaneously.
  • 8192 KB stack size (-s) — Maximum memory allocated for the process stack.
  • 200000 KB for core file size (-c), data segment (-d), and resident set size (-m).
  • Unlimited virtual memory (-v).

Important Notes

  • Fork bomb protection only affects users with bash shell access (SSH or Telnet). It does not impact web-based cPanel operations.
  • Disabling this protection is not recommended unless you have a specific reason and alternative security measures in place. A malicious or careless user could crash the server by running a fork bomb.
  • The 35-process limit applies to cPanel users with bash shell, which is the default shell for cPanel accounts.
  • Changes take effect immediately. No server restart is required.
  • If you need higher limits for specific users, consider configuring per-user limits manually via SSH rather than disabling protection entirely.

Troubleshooting

  • Users report "too many processes" errors: If legitimate users hit the 35-process limit, you may need to disable protection or set custom ulimit values for those specific users via SSH.
  • Cron jobs failing: Some applications that spawn many worker processes may be affected by the limit. Consider disabling protection or using /etc/security/limits.conf for per-user overrides.
  • Server becomes slow or unresponsive: If you have disabled protection and users are abusing shell access, re-enable it immediately under Security Center » Shell Fork Bomb Protection.

For official documentation, see the cPanel Shell Fork Bomb Protection guide.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

How to set Default maximum email quota for new packages via WHM?

The Default maximum email quota for new packages setting in WHM controls the maximum email...
How to set Default disk usage quota for new packages via WHM?

The Default disk usage quota for new packages setting in WHM lets you define a default disk space...
How to set Default bandwidth limit for new packages via WHM?

When you create a new hosting package in WHM, cPanel uses a default bandwidth limit if you don't...
How to change cPanel PHP max POST size via WHM?

The cPanel PHP max POST size setting controls the maximum size of HTTP POST requests that...
How to change cPanel PHP max upload size via WHM?

What is the cPanel PHP Max Upload Size? The cPanel PHP max upload size setting controls the...