Location: System Health/Background Process Killer
The "Background Process Killer" keeps your server safe from possible irc attacks. You can minimize these attacks by setting your system to kill these program processes before any damage occurs. You can setup WHM to kill any of the processes and send you an email when it find one of them. Some malicious users will choose to run an irc bouncer on their shell account even though this may be against your policy. Some of the really sneaky ones will rename their bouncer to something like 'pine' so the admin just believes that the user is just reading their mail. WHM can detect they are running an irc bouncer even if they rename it to something that looks non-malicous.
1. When the page loads, you will see a list of programs such as:
BitchX
bnc
eggdrop
generic-sniffers
guardservices
ircd
psyBNC
ptlink
services
2. Click on the check box next to each program you want the system to kill.
Note: We recommend you check off all of the programs list as letting your users run irc bots and servers usually leads to denial of service attacks.
2. Enter the usernames of the accounts you want the "Background Process Killer" to ignore by inserting them, one per line, in the "Trusted Users" text box.
Note: root,mysql,named,cpanel and anyuser with a uid lower than 99 are already consider trusted and do not need to be added.
3. Click on the "Save" button.
4. You should see a statement similar to the following:
"Your selection has been saved!"
5. Followed by the statement shown in Step 4 above, if you have selected any programs to be killed or entered usernames to be ignored, the following statements will be shown:
"The following processes will be killed nightly:"
LIST_OF_PROGRAMS_YOU_SELECTED
"The following users have been marked as trusted:"
USERNAMES_YOU_ENTERED