I'm running a couple of servers with ISPConfig installed on them. Now one of the servers has had very high CPU load for the past week or so... Two WooCommerce sites on that server seem to use the most of the CPU and memory. The other has taken 13% of CPU and 604 MB of memory and the other 7% of CPU and 326 MB of memory as an average for the past 12 hours according to Linode Longview statistics. The first site with bigger CPU load takes about 150 website hits per day and the other takes about 100 hits per day. So it's not that much... BUT it seems like Apache is getting one request per second during the working hours. First I thought the problem would be the seemingly slow WP theme used on both sites, but I've now changed the theme on both sites with no effect on the CPU load. I'm using Linode 2 GB plan with 2 GB RAM & 1 CPU Core [Intel(R) Xeon(R) CPU E5-2680 v3 @ 2.50GHz]. So my question is: Is there something wrong with my config or should I just upgrade my Linode plan?
If you followed the ISPConfig installation instructions, then your setup should be fine. You say that it gets one hit per second, which might explain the load but does not correspond to the 100 or 150 hits a day that the sites get, check where the hits come from in the access.log files of the sites and the global apache access.log. It might also be that you just measure differently and the sites get indeed much more then 150 hits, if you e.g. use google analytics or similar software and this shows you 150 hits, then you probably get many more hits e.g. from web spiders, google bot and maybe some brute force xmlrpc posts.
Yeah, I installed it using Howtoforge instructions. The 100 & 150 hits I got from Google Analytics and the 1 hit per second from Linode Longview statistics... I went throught the access and error logs, but I didn't find anything out of the ordinary there... Also the Wordfence plugin on the websites is not showing any sings of anything malicious... If found a few fcgid configuration tips from the internet such as this one. But haven't been able to fix the problem, seem's like my configuration from the installation insturctions I followed has been pretty good to start with...
Good morning, Are your server secure enough from brute force? There may be bad bots doing brute force on your server. Cleaning malicious network requests may reduce your server load.
