Automatic Background Process Killer

Automatic Background Process Killer — Simple Step-by-Step Guide

Overview

This feature allows your server to automatically stop certain processes during nightly maintenance. If any of these selected processes are running when the upcp script executes, they are terminated and you receive an email notification.

Note: Processes running from /usr/bin are excluded, assuming they were intentionally installed by the system administrator. [oai_citation:0‡cPanel & WHM Documentation](https://docs.cpanel.net/whm/system-health/background-process-killer/?utm_source=chatgpt.com)

How to Set It Up

  1. Select the checkboxes for each process you want the system to kill automatically. (Selecting all is recommended.)
  2. If necessary, add usernames to the “Trusted Users” field—these users are allowed to run the selected processes without termination. System users with UIDs below 99 don’t need to be listed. [oai_citation:1‡cPanel & WHM Documentation](https://docs.cpanel.net/whm/system-health/background-process-killer/?utm_source=chatgpt.com)
  3. Click Save to enable the settings.

Processes That Can Be Killed

These are commonly used in denial-of-service attacks. The system detects them even if their names have been changed:

  • BitchX — a command-line IRC client
  • bnc — IRC bouncer used to anonymize and route connections
  • eggdrop — IRC bot often used for botnets
  • generic-sniffers — used to collect and analyze network packets
  • guardservices, irc d, psyBNC, ptlink, services — various IRC server or bot tools frequently abused in attacks [oai_citation:2‡cPanel & WHM Documentation](https://docs.cpanel.net/whm/system-health/background-process-killer/?utm_source=chatgpt.com)

Why It Matters

These background processes are often exploited in automated attacks. By stopping them during scheduled maintenance, you help protect your server without manual intervention.

Summary

  • Use this tool to automatically terminate risky or malicious processes nightly
  • Set exceptions for trusted users who need to run these processes
  • All major exploitable processes are included and detected even if renamed
  • Configure it once—it runs automatically with daily maintenance

We are a shared license provider; if you need a cPanel shared license at a cheap price, you can buy it from us.

Cheap cPanel License
case studies

See More Case Studies