Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Infinite generation of PHP instances

Discussion in 'General Discussion' started by nvez, Jan 2, 2008.

  1. nvez

    nvez Active Member

    Jul 17, 2006
    Likes Received:
    Trophy Points:

    I have had a few problems since I have started using mod_suPHP instead of having PHP4 as a DSO apache module and PHP5 as a CGI module.

    I have started to use it on this server, so far it was very good but someone who run or had this line which looks like it's completely normal:

    exec("php -v 2>&1");

    What that actually does is fork another PHP process which does the same thing and so on and it exponentially creates PHP processes till it reaches the 1000s and 2000s of processes, kind of like a fork bomb but completely legit.

    That executable of PHP is located at /usr/bin/php and is actually PHP5 CGI version, if I replace php by /usr/local/bin/php which is PHP5 CLI version, it works without looking like a fork bomb, if I replace it by /usr/local/php4/bin/php which is PHP4 CLI version, it works fine again.

    I could well replace the script by something else but it cant be a permanent fix as I can still have clients do this in the future.

    I have tried and have been told to try putting PAM limits, I have attempted the following:

    Add the following to /etc/pam.d/login
    session required /lib/security/

    Add the following to /etc/security/limits.conf
    # For everyone (users and other)
    * hard core 0
    * - maxlogins 12
    * hard nproc 50
    * hard rss 20000

    # For group wheel (admins)
    @wheel - maxlogins 5
    @wheel hard nproc 80
    @wheel hard rss 75000

    However, it doesn't seem to work. Is this a common problem or what can I do to fix this or am I looking at the wrong place?

    Thanks in advance.
  2. brianoz

    brianoz Well-Known Member

    Mar 13, 2004
    Likes Received:
    Trophy Points:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    What's possibly not legit is that they even need to do this; why would they do that? It's prone to problems anyway. Are they trying to force a certain version of PHP?
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice