Recommended WordPress PHP Memory Setting

  • I have a site installed on a Virtual Private Server with 3GB of Ram, controlled by my client’s IT. They have insisted that 64 MB of Ram is the maximum recommended for WordPress in order to reduce risk of denial of service attacks. I’ve never heard of anything like this and can find no one who has and no online references.

    The server is running nothing but this website.

    Has anyone ever heard of limiting WordPress memory as a ddos security precaution?

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator t-p

    (@t-p)

    If I understand the question correctly, every site will have different memory demand. That’s why WP allows to increase or decrease memory in the administration area from the WP_MEMORY_LIMIT by defining WP_MAX_MEMORY_LIMIT.

    WP Codex: https://codex.www.ads-software.com/Editing_wp-config.php#Increasing_memory_allocated_to_PHP

    Thread Starter FeralReason

    (@feralreason)

    Tara – This is not really a ‘how to’ question. I agree that every site has a different memory demand and understand how to increase the php memory allocation — if I had access to this server which I don’t. I’m trying to find out if anyone has every heard of restricting memory to prevent a ddos attack. I haven’t and I think the 64MB limit is reducing our server response time.

    Thanks for chiming in tho!

    Moderator t-p

    (@t-p)

    I’m trying to find out if anyone has every heard of restricting memory to prevent a ddos attack.

    I have not heard either ??

    Both memory limit and max execution time are tightly related. You can also decrease php max execution time to decrease DDOS attack effects (in php.ini).

    https://www.php.net/manual/en/info.configuration.php#ini.max-execution-time
    https://php.net/manual/en/function.set-time-limit.php

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Tara – This is not really a ‘how to’ question.

    Sure it is. ?? That’s why I moved this out of “Installation” and into “How-To and Troubleshooting”.

    It’s also not a security question.

    I’m trying to find out if anyone has every heard of restricting memory to prevent a ddos attack.

    Not at all, not even a little bit. The amount of RAM allocated to your PHP does nothing for mitigating a denial of service attack. The difference from 32MB to 256MB won’t change the result and your site will come down from a DoS attack either way.

    Thread Starter FeralReason

    (@feralreason)

    Jan: Makes sense to me. Intuitively, it seemed to me that reducing memory might actually have the reverse effect of what he intends. At any rate, my Firebug waterfall chart shows the first request now taking well over a second and I’m thinking memory starvation — so I’m looking for ammunition to overturn this 64MB limit decision.

    (I’m using W3Cache & WPSmush for the optimization I have control over.)

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Recommended WordPress PHP Memory Setting’ is closed to new replies.

Tags