The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tuning sysctl.conf

Discussion in 'Security' started by nitaish, Feb 19, 2010.

  1. nitaish

    nitaish Well-Known Member
    PartnerNOC

    Joined:
    Jan 6, 2006
    Messages:
    123
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Mulund, India, India
    How can I tune sysctl.conf without disturbing the server and the websites hosted on it?
     
  2. B12Org

    B12Org Well-Known Member

    Joined:
    Jul 15, 2003
    Messages:
    692
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle Washington
    cPanel Access Level:
    Root Administrator
    basiaclly just change the values and then run

    /sbin/sysctl -p

    For example

    echo "# Enable TCP SYN Cookie Protection
    net.ipv4.tcp_syncookies = 1" > /etc/sysctl.conf
    /sbin/sysctl -p
     
  3. whr

    whr Active Member

    Joined:
    Jul 25, 2009
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    India
    Use the sysctl command to alter the settings:

    "sysctl -w parameter=new value"

    eg: If I want to increase the file descriptors limit, I would run:

    sysctl -w fs.file-max=xxxxxx; where xxxxxx is the new value.
     
  4. B12Org

    B12Org Well-Known Member

    Joined:
    Jul 15, 2003
    Messages:
    692
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    Seattle Washington
    cPanel Access Level:
    Root Administrator
    if I recall correctly that doesnt persist through a reboot though, so you would need to set it in sysctl.conf file if you wanted to make the change persist through a reboot - I could be wrong though, its been known to happen :)
     
  5. whr

    whr Active Member

    Joined:
    Jul 25, 2009
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    India
    Changes won't be lost upon reboot when you set the values using sysctl-w. But you need to make sure that the same values aren't mentioned in sysctl.conf file.

    If you edit sysctl.conf file, run sysctl -p to reflect the changes without rebooting the server.
     

Share This Page