Web Server: Limit Resource Usage Via limits.conf

Limiting server resource usage (especially user processes) is essential and very important for running a stable system/server especially when a web server is used by several users (for shared hosting or personal use). The server resource includes memory, CPU usage time, number of process and many more.

For a server that is used by several users, it is very recommended to limit resource usage per user in order to prevent resource outage that will affect the other users. By limiting resource usage per user, you can keep other websites up when a website is trying to use lots of server resource. If you are not doing this, your web server can be totally down only caused by processes that belong to a user or several users. Of course this is not fair for the other users.

As another benefit, this will prevent server attacks such as fork bomb attack, abnormal huge traffic (can be DDoS attack), and so on that will use up your resource to 100% and cause your web server down.

Here is how to limit server resource usage?

To limit server resource usage for a user, you need to edit /etc/security/limits.conf to add usage/limit rules for a user name or group or several/all users. You may type nano /etc/security/limits.conf when you use SSH.

Understanding limits.conf file

  • <domain> can be:
    • an user name
    • a group name, with @group syntax
    • the wildcard *, for default entry
    • the wildcard %, can be also used with %group syntax, for maxlogin limit
  • <type> can have the two values:
    • “soft” for enforcing the soft limits
    • “hard” for enforcing hard limits
  • <item> can be one of the following:
    • core – limits the core file size (KB)
  • <value> can be one of the following:
    • core – limits the core file size (KB)
    • data – max data size (KB)
    • fsize – maximum filesize (KB)
    • memlock – max locked-in-memory address space (KB)
    • nofile – max number of open files
    • rss – max resident set size (KB)
    • stack – max stack size (KB)
    • cpu – max CPU time (MIN)
    • nproc – max number of processes
    • as – address space limit
    • maxlogins – max number of logins for this user
    • maxsyslogins – max number of logins on the system
    • priority – the priority to run user process with
    • locks – max number of file locks the user can hold
    • sigpending – max number of pending signals
    • msgqueue – max memory used by POSIX message queues (bytes)
    • nice – max nice priority allowed to raise to
    • rtprio – max realtime priority
    • chroot – change root to directory (Debian-specific)

Examples

example hard nproc 200
#prevent example to run more than 200 processes
@ruby hard nproc 75
#prevent anyone in the ruby group from having more than 75 processes

Incoming Search Terms

limits conf address space limit, limits conf cpu, limits conf max memory size, limits conf, webserver limits conf, understanding limits conf, limits conf shared hosting, maxsyslogins, peruser serverlimit, limits conf webserver, limits conf as - address space limit, how to limit the process in web server, maxsyslogins in centos, limits conf address space, linux limits conf cpu per user, linux limit memory usage per process limits conf, linux max memory size per user, linux limit memory per user limits conf, limits conf server, limits conf shared server, limits conf to limit memory used by a user, limits conf usage, limits conf user memory, limits conf web server, limits conf шаред хостинг, linux da çalışan max process sayısı, linux limit memory per user, limits conf memory user limit, max memory size, shared server limit resource usage, shared webserver limits conf examples, throttle web server per client, using limits conf shared hosting, web server, web server limit per user, web server limit resourses used by user, web server server resources usage, shared hosting limits conf, setting limit conf for shared hosting, ServerLimit usage, max memory size limits conf, processes (per user) limits conf, maxsyslogins in limits conf, memory limits conf, memory per user webserver, resource limit for processgroup, security limits conf web server, server resource usage, webserver resource usage, limits conf memory per user, /etc/security/limits conf webserver, limit conf max memory size, limit conf process, limit cpu per user linux webserver, limit cpu usage limitsconf, limit cpu usage per user centos, limit memory usage limits conf, limit process group resource usage, limit resource usage, limit conf for a web server, in limits conf what is address space limit, how to limit resources to website, addressing space limits conf, centos limit user memory usage, centos resource usage, centos restrict group resource usage, cpu usage with limits conf, hosting limits conf, how to limit cpu usage with limits conf, how to limit resource usage per user, limit resources per user web server, limit security/limits conf cpu usage, limits conf for web server, limits conf group, limits conf how to limit process memory usage, limits conf howto, limits conf limit cpu usage, limits conf max data size, limits conf max memory size per user, limits conf max process size per user, limits conf cpu usage, limits conf cpu time, limits conf cpu seconds, limiting http server usage, limiting resource use in linux shared hosting, limits, limits conf & max memory- size, limits conf address space limit memory, limits conf as, limits conf as address space limit, limits conf cpu %, limits conf maxsyslogins, Xhanch, Xhanch Studio


Posted on 2010-10-01 by Susanto BSc in Article, Web Server
Centos, Process, Server, Vps, Stable, Bomb, Resource, Limit, Load, Attack, Web Server, Cpu, Linux, Traffic, Os, Outage, User, Web, Ddos, Xhanch, Xhanch Studio

Tagged as: , , , , , , , , , , , , , , , , , ,

Leave a Reply

You must be logged in to post a comment.