Wednesday, September 29, 2010

Set Default Priority for all Processes for a Specific User

A few years ago, my server was hit by a DDoS attack. There were more than 7000 connections, and I couldn't SSH into my servers to monitor what was going on live. After that, I found a trick: you can set the priority of any running process.

But that's very inconvenient, as most server services start automatically. Fortunately, there is an easier way to resolve this problem: Linux allows us to set the default priority for all processes of a specific user. By giving the www-data user a lower priority, I can SSH into the server even if it's under attack, assuming that we have sufficient memory.
sudo vi /etc/security/limits.conf
The configuration syntax is as follows:
[username] [hard|soft] priority [nice value]
Insert the following line:
www-data hard priority 10
Now, reboot the server.

To verify that you've done it correctly, run top. The results should be similar to this:

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  GROUP    COMMAND
 1295 www-data  20  10 33688 6388 2544 S    2  0.2   0:00.32 www-data apache2
 1296 www-data  20  10 33064 6100 2492 S    2  0.2   0:00.35 www-data apache2
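
The same check can be scripted instead of read off top. This is an added example, not part of the original post: it reads the priority configured for a user from limits.conf-format text and lists that user's processes whose nice value is lower than configured, which is what you would see for a service that was not started through a PAM session (limits.conf is applied by pam_limits). The function names and sample data are assumptions made for the example; only exact user names are matched, and if several lines match, the last one is reported.

```shell
#!/bin/sh
# Added example: verify that a "priority" entry in limits.conf took effect.
# On a live host:
#   configured_priority www-data < /etc/security/limits.conf
#   ps -eo pid=,user=,ni=,comm= | find_unprioritised www-data 10

# Print the priority configured for user $1 in limits.conf-format text on stdin.
# Comments and blank lines are ignored; exit status 1 if no entry is found.
configured_priority() {
    awk -v user="$1" '
        { sub(/#.*/, "") }    # strip comments; awk re-splits the fields
        NF == 4 && $1 == user && $3 == "priority" { val = $4 }
        END { if (val != "") print val; else exit 1 }
    '
}

# Read "PID USER NI COMMAND" rows on stdin and print "PID NI COMMAND" for every
# process of user $1 whose nice value is below $2.
# Exit status 0 = all processes comply, 1 = at least one does not.
find_unprioritised() {
    awk -v user="$1" -v want="$2" '
        $2 == user && $3 + 0 < want + 0 { print $1, $3, $4; bad = 1 }
        END { exit bad + 0 }
    '
}

# Constructed sample inputs (not taken from a real host).
SAMPLE_LIMITS='# /etc/security/limits.conf
*         soft  core      0
www-data  hard  priority  10   # web server runs at lower priority
'
SAMPLE_PS=' 1295 www-data  10 apache2
 1296 www-data  10 apache2
 1301 www-data   0 apache2
  812 root       0 sshd
'

want=$(printf '%s' "$SAMPLE_LIMITS" | configured_priority www-data)
echo "configured priority for www-data: $want"
printf '%s' "$SAMPLE_PS" | find_unprioritised www-data "$want" \
    || echo "some www-data processes are not running at nice $want"
```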
