It looks like a website on my server got hacked. The website is running Wordpress. I can delete the whole site, but I was hoping to figure out the problem. This is what I see when I run "top":
All I see from this top result is that web48 user is spawning a lot of processess. This does not mean the website is hacked it could be legit visitors, or bots trying to brute force the website. In both cases you can determine that in the logs, either access logs, or install some visitors tracking plug-in for wordpress and Wordfence Security plugin or similar to block the unwanted traffic.
