Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How to stop High CPU Usage

Discussion in 'General Discussion' started by Tibbers, Jun 7, 2017.

  1. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hello,
    My Daily process log

    i.gyazo.com/65fbc4788201ece56f0e0395ee7b245a.png

    That spam uses all of the CPU and forces me to reboot the cPanel VPS to get it working again

    The server is pining well during the attack.
     
    #1 Tibbers, Jun 7, 2017
    Last edited by a moderator: Jun 7, 2017
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,479
    Likes Received:
    421
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Please attach images to your posts.

    What spam? You've got several accounts overloading the server, you should take a closer look at them and take action.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Infopro, Jun 7, 2017
  3. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    First thanks for your reply , The attacker is using a script i think spamming php functions around the websites, same files with same websites are running at the same server(Less specs) for a month now but this is an attack/spam/flood

    There is no plugins to limit the usage per user? or to stop those attacks by setting timeout time or banning the spammers ip?

    [​IMG]
     
    #3 Tibbers, Jun 7, 2017
    Last edited by a moderator: Jun 7, 2017
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,479
    Likes Received:
    421
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Going by your posted image above, it looks like a wordpress site login is being pounded (marceloe) and user rocket has a cron overloading the server.

    Installing Modsecurity and ConfigServer firewall should be of some use. Making sure those accounts are up to date and secure should also help.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #4 Infopro, Jun 7, 2017
  5. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    ModSecurity is already installed can you link me to ConfigServer firewall installtiong guide ? and is it free?

    And no other plugins to limit the spam or the flood?
     
    #5 Tibbers, Jun 7, 2017
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,479
    Likes Received:
    421
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You should be able to google that name and find it in less time than it took to ask for a link. :)

    Installing it is straight forward, you'll find install instructions on the listing for it at configserver.com

    Yes, it's free.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 Infopro, Jun 7, 2017
  7. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    I found it thanks :) and installed it too, No other suggested plugins?
     
    #7 Tibbers, Jun 7, 2017
  8. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,479
    Likes Received:
    421
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    To do what? You should check those accounts for out of date plugins and make sure the wordpress installs are up to date for starters.

    Configuring CSF takes some time to properly setup. Simply installing it is helpful, but not enough.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #8 Infopro, Jun 7, 2017
  9. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    But i've tried to suspend those account another accounts started the spam instead can't i limit the resources per user?
     
    #9 Tibbers, Jun 7, 2017
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,479
    Likes Received:
    421
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Sounds to me like you've got a couple of rogue user accounts that should be terminated, or worse, compromised accounts that need to be looked at a bit closer. Limiting resources would only slow them down, not end the problems you're faced with.

    You might want to look into hiring someone to assist you with this if you're unsure on what to do next:
    System Administration Services | cPanel Forums
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #10 Infopro, Jun 7, 2017
  11. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    I am sure its not a user spam that rocketfs2 is my own website and its getting attacked too.
     
    #11 Tibbers, Jun 7, 2017
  12. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    There's no such functionality in cPanel & WHM, but you may find CloudLinux helpful if you want this functionality:

    CloudLinux - Main | New template

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #12 cPanelMichael, Jun 13, 2017
(You must log in or sign up to post here.)
Loading...
Similar Threads - stop High Usage
  1. Muhamed Asil

    Website stops working after installing Wordpress

    Muhamed Asil, Oct 12, 2018, in forum: General Discussion
    Replies:
    5
    Views:
    92
    Muhamed Asil
    Oct 12, 2018
  2. BillyS

    Stopping Restarting of Outdated Services

    BillyS, Sep 14, 2018, in forum: General Discussion
    Replies:
    4
    Views:
    120
    cPanelLauren
    Sep 18, 2018
  3. Aidan Brookes

    SOLVED Stop extra DNS records being created for addon domains

    Aidan Brookes, Sep 5, 2018, in forum: Bind/DNS/Nameserver
    Replies:
    5
    Views:
    180
    brt
    Oct 7, 2018
  4. Wemerson Guimaraes

    Detect and Stop Outgoing Spam?

    Wemerson Guimaraes, Sep 2, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    227
    cPanelMichael
    Sep 4, 2018
  5. Vikhyat Singh

    websites stop working after php-fpm is enabled

    Vikhyat Singh, Aug 31, 2018, in forum: General Discussion
    Replies:
    3
    Views:
    147
    cPanelLauren
    Aug 31, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice