Configure Security Limits on a Debian Wheezy Server

Security limits to prevent fork bombs and more.

These are security limits I normally use as a starting point on Debian LAMP servers.

Open /etc/security/limits.conf for editing and set limits. Please note that is advised to avoid changing any values that are already set to a bigger number than listed below.

# 2048 is a fair number
*      soft   nofile    2048
*      hard   nofile    65536
*      soft   nproc     2048
*      hard   nproc     16384
*      soft   locks     2048
*      hard   locks     2048
*      soft   stack     10240
*      hard   stack     32768
*      -      maxlogins 50

# Soft limit 32GB, hard 64GB
*      soft   fsize     33554432
*      hard   fsize     67108864

# Disable core dumps for all users
*      hard   core      0

# Defaults
*      soft   memlock   64
*      hard   memlock   64

# Limits for root
root   soft   nofile    2048
root   hard   nofile    65536
root   soft   nproc     2048
root   hard   nproc     16384
root   soft   stack     10240
root   hard   stack     32768
root   soft   fsize     33554432

Once you save file, you need to logout and login again for changes to take effect.

Leave a Reply

Your email address will not be published. Required fields are marked *