Skip to main content

LFD kills process?

StelarBlack
Hi, I have very strange issue with one user, I am also using cloudlinux, and that user can allocate total of 1GB memory, but I can see that process is alocating too much memory, here is part of lfd.log: Feb 10 12:47:17 lin-b10 lfd[602924]: *User Processing* PID:602899 Kill:0 User:antiagei VM:327(MB) EXE:/opt/alt/php55/usr/bin/php-cgi CMD:/usr/bin/php /home/antiagei/public_html/wp-admin/admin-ajax.php. User keeps telling me that admin panel of wp gets unresponsive, which is possible due to killed proces, is Kill:0, meaning that process is killed or not?

Comments

2 comments

Date Votes
  • cPanelMichael
    Hello :) Please keep in mind that LFD is a third-party application. I suggest posting question about their software to their forums at: CSF/LFD Support Forums The following third-party URL explains "kill 0" in detail: [url=http://unix.stackexchange.com/questions/67532/what-does-kill-0-do-actually]process - What does kill 0 do actually? - Unix & Linux Stack Exchange Thank you.
    0
  • Infopro
    ]Hi, I have very strange issue with one user, I am also using cloudlinux, and that user can allocate total of 1GB memory, but I can see that process is alocating too much memory, here is part of lfd.log: Feb 10 12:47:17 lin-b10 lfd[602924]: *User Processing* PID:602899 Kill:0 User:antiagei VM:327(MB) EXE:/opt/alt/php55/usr/bin/php-cgi CMD:/usr/bin/php /home/antiagei/public_html/wp-admin/admin-ajax.php. User keeps telling me that admin panel of wp gets unresponsive, which is possible due to killed proces, is Kill:0, meaning that process is killed or not?

    It's not. Your site is most likely under attack with some sort of bot attempting to login with a brute force script, or something, if I was to guess. LFD is alerting you about it as best it can. You could set it to kill anything over 300MB, which IIRC is the default limit. Or you could up the limit a little in CSF/LFD settings to satisfy the need and end the alerts. Killing it wouldn't serve any real purpose in this case, but setting LFD to kill a process when it exceeds its limits is not a bad idea. I'd rather have the site go down and be broken, than permit some sort of script to sit there all day pounding on it. Whatever you decide, you should also consider adding security to the wordpress site itself if you don't have any yet. There are a few really good ones that will help you see the attacks and failed logins much easier. And of course make sure the site and everything about it, is up to date. They're knocking at your door right now, look: /http://www.wordfence.com/ GL!
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post