What could these giant files in .cagefs/tmp be?

xprt007

Registered
Dec 5, 2018
3
0
1
Berlin
cPanel Access Level
Website Owner
Hi there

I am not sure this is the right place to ask. I'm here for the first time because the answer I got from my host does not help as they do not seem to know what these files are.

I have been using Cpanel on shared hosting for many years at different hosts for my sites to run many sites.
Currently, I manage 3 small sites, 2 Wordpress + 1 Drupal site on a Germany-based host, offering among other things 50GB web space. There's not much content input and for a long time, the total space usage was under 30% of this.
The other week I accidentally noted it had jumped to over 40% and currently, it's just under 51% within a short while.

I looked in the Cpanel to see what was behind this and have discovered in the folder .cagefs/tmp is where some unrecognizable files have been amassing, currently with 6 of them between 2.54GB & 2.79GB and with such names "php5Vlwb6" as you can see in screenshot and lots of smaller ones.

Since I have no idea what could be generating them, I wrote the web host, a respectable hosting company this end and asked them, what they could be, whether they are safe and if one can safely delete them, since they are rapidly using up disk space.
The response suggests they do not know what they are and asked me to scan them with an antivirus, that they are not from "them" and regarding whether to delete them, that I first back-up the data.

I tried a web search and it does not seem many people know much about them, but some results suggested they are used by Cpanel as some form of backup (?).
The question is why up to the last 2, 3 weeks that I noticed this ballooning space use and never noted the existence of this folder at diverse hosts in over 10 years of Cpanel use?

I am quite sure, the best answer would be at Cpanel, so I request you to help me understand what they are, what could be generating them and whether I can safely delete them, at least because of the too generous use of space. I have always managed to backup my sites using conventional means with no problem, if there's any truth behind this.

Is there any means within Cpanel for dealing with them, other than deleting, ie like to prevent their generation?

Thank you in advance.
 

Attachments

xprt007

Registered
Dec 5, 2018
3
0
1
Berlin
cPanel Access Level
Website Owner
I need to add some web search result author claimed the prolific file generation in that folder had something to do with a "known" bug. Not quite sure who knows what they are talking about. At Cpanel, things should be different ...
 

Jarvis421

Member
Nov 20, 2018
15
3
3
Kochi, India
cPanel Access Level
Root Administrator
Hello xprt007,

Welcome to cPanel Forums!!

CageFS makes sure that each user has his own /tmp directory and the php****** files appear to be temporary files created by your website's PHP application/software. As per CloudLinux's documentation, "Once a day, using cron job, CageFS will clean up user's /tmp directory from all the files that haven't been accessed during 30 days.". From the screen shot, I noticed that none of those files are 30 days old and hence the files were not cleared by the cron job. You can find a thread on the same issue at below link :

Big phpXXXXXX files in /home/USER/.cagefs/tmp

Documentation about CageFS TMP Directories : TMP directories
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,272
313
Houston
Those files aren't 30 days old so it would explain why they haven't been purged yet, the thread and documentation linked by @Jarvis421 has some great information as well, thanks for your help!!

@xprt007 let us know if you have any questions or concerns!
 

xprt007

Registered
Dec 5, 2018
3
0
1
Berlin
cPanel Access Level
Website Owner
Hello xprt007,

Welcome to cPanel Forums!!

CageFS makes sure that each user has his own /tmp directory and the php****** files appear to be temporary files created by your website's PHP application/software. As per CloudLinux's documentation, "Once a day, using cron job, CageFS will clean up user's /tmp directory from all the files that haven't been accessed during 30 days.". From the screen shot, I noticed that none of those files are 30 days old and hence the files were not cleared by the cron job. You can find a thread on the same issue at below link :

Big phpXXXXXX files in /home/USER/.cagefs/tmp

Documentation about CageFS TMP Directories : TMP directories
Hi there

Many thanks to you both for your response and the explanations.

I recently upgraded PHP from 5.6 for all 3 sites to 7.0, although I think I had done so for one or 2 of them earlier. I had reverted to 5.6, because some Wordpress plugin or 2 had problems with v7.
Has this got something to do with PHP 7, because as said, I have used Cpanel for many years at different web hosts, but I never had anything use so much space before. Most space of individual files was if I remember well probably taken by a compressed public_html folder or of individual add-ons domains outside it and since these are small sites, if I remember well, never a GB or just a little over. That's why 2,54, 2.7GB, etc 5, 6 of them and probably increasing in number & or size are immediately conspicuous.

This (compressing folders like public_html) has been the primary way of making back-ups or via the Cpanel => Backup and downloading a copy of the files to a local pc.
I know my questions may sound a bit naive because I'm no expert on this.

I'm just concerned by the rate of use of disk space, because of the limited size. That's why I just want to also know if these files are necessary (in PHP 7?) and just in case they are, if there's a way in the user end of shared hosting Cpanel to prevent this growth OR to get them deleted earlier. ... or if it's safe to manually delete them, esp. if I have my manual back-ups.

As you note, I am on shared hosting and have no direct access to server setting, apart from the limited options allowed in Cpanel. The web host, probably bouyed by the good ratings they get in Germany are very hard to convince to carry out any modification, including allowing elsewhere available simple php functions needed by some Wordpress & Drupal modules, allegedly for security reasons.

Once again, thank you for your help and clarification.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,295
1,272
313
Houston
Hi @xprt007


I'm unaware of a change in PHP versions that would cause this. It's from my understanding something specific to cagefs/CloudLinux but not necessarily something I'm familiar with the reasoning behind it. From looking at other cases like this it's usually recommended to contact CloudLinux Support, which is something your provider would need to do.