Fork bomb protection settings per user
Allow to configure per user (non-default) fork bomb protection (ulimit) settings. At this point you will have to edit multiple files, ie:
/etc/bashrc
/etc/profile
/etc/profile.d/limits.sh
/etc/profile.d/limits.csh
Disabling and enabling Fork Bomb Protection will overwrite custom changes. I'm not sure what happens with version upgrades, it might be that custom changes will be overwritten too.
In some cases you will need a higher maximum number of processes. For instance, if you have a client with a lot of email accounts and you want to give them SSH access (which happened to us).
I like this idea 
cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.
This also affected my server, it prevented my sync software from syncing files to it. The Fork Bomb Protection sets a limit of 100 which overrides all the other methods listed above, as well as limits set in PAM. It drove me nuts trying ot figure out why the ulimit settings I had for my sync user were being ignored, until I started poking around in WHM, figuring this must be one of those cases where cPanel was blindly overwriting system settings. This feature, as it is designed, is of no use to me on my server or anyone else who needs a higher ulimit for certain users or groups.
Fork bomb protection would be much better if it worked *with* the system settings, rather than be a separate setting that overrides them all. It should be a proper front end to the system ulimits, which allow per-group and per-user settings.
See also
https://features.cpanel.net/topic/as-a-server-administrator-i-want-to-set-custom-shell-fork-bomb-limits-so-that-some-applications-are-not-killed
This also affected my server, it prevented my sync software from syncing files to it. The Fork Bomb Protection sets a limit of 100 which overrides all the other methods listed above, as well as limits set in PAM. It drove me nuts trying ot figure out why the ulimit settings I had for my sync user were being ignored, until I started poking around in WHM, figuring this must be one of those cases where cPanel was blindly overwriting system settings. This feature, as it is designed, is of no use to me on my server or anyone else who needs a higher ulimit for certain users or groups.
Fork bomb protection would be much better if it worked *with* the system settings, rather than be a separate setting that overrides them all. It should be a proper front end to the system ulimits, which allow per-group and per-user settings.
See also
https://features.cpanel.net/topic/as-a-server-administrator-i-want-to-set-custom-shell-fork-bomb-limits-so-that-some-applications-are-not-killed
I would agree - this setting is useful, but the values are of little use. We have users with dozens of IMAP connections, so they can't shell or do anything in shell as they have way more than 35 processes running
Increase limits from 35 to 150 - works fine as of 11.48 and 11.50
sed -i.bak -e 's/^\(\s\+limit maxproc \)...\?$/\1150/' /etc/profile.d/limits.csh
I would agree - this setting is useful, but the values are of little use. We have users with dozens of IMAP connections, so they can't shell or do anything in shell as they have way more than 35 processes running
Increase limits from 35 to 150 - works fine as of 11.48 and 11.50
sed -i.bak -e 's/^\(\s\+limit maxproc \)...\?$/\1150/' /etc/profile.d/limits.csh
Fyi - new documentation direct from cPanel on this topic as of 2021: https://support.cpanel.net/hc/en-us/articles/1500001648681-How-to-create-custom-Fork-Bomb-Protection-settings
Fyi - new documentation direct from cPanel on this topic as of 2021: https://support.cpanel.net/hc/en-us/articles/1500001648681-How-to-create-custom-Fork-Bomb-Protection-settings
Replies have been locked on this page!