Hi,
For the last week or so, I've been experiencing server loads much higher than usual. When checking with top, it is always httpd consuming most of the cpu, followed by php-fpm. It's not uncommon 3 or 4 httpd processes using 100-300% of the CPU each. Sometimes these processes will have been running 8 or 10 or more minutes. I don't think that's normal. At times, there also seems to be extremely high numbers of packets per second, sometimes inbound, sometimes out.
I've checked the disks themselves in the server and they are fine. I've run several malware checks and they seem fine*. Overall bandwidth use seems fairly normal. I've switched from using mpm_prefork to mpm_worker as it seemed to help with lag being caused by the load. I'm not sure where to go from here.
Any suggestions would be welcome.
* maldet was finding what seems to be false positives in the various domlogs. It looked like it was reacting to POST requests that just 404'd anyways. It found nothing in any public_html dirs.
For the last week or so, I've been experiencing server loads much higher than usual. When checking with top, it is always httpd consuming most of the cpu, followed by php-fpm. It's not uncommon 3 or 4 httpd processes using 100-300% of the CPU each. Sometimes these processes will have been running 8 or 10 or more minutes. I don't think that's normal. At times, there also seems to be extremely high numbers of packets per second, sometimes inbound, sometimes out.
I've checked the disks themselves in the server and they are fine. I've run several malware checks and they seem fine*. Overall bandwidth use seems fairly normal. I've switched from using mpm_prefork to mpm_worker as it seemed to help with lag being caused by the load. I'm not sure where to go from here.
Any suggestions would be welcome.
* maldet was finding what seems to be false positives in the various domlogs. It looked like it was reacting to POST requests that just 404'd anyways. It found nothing in any public_html dirs.