The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to stop High CPU Usage

Discussion in 'General Discussion' started by Tibbers, Jun 7, 2017.

  1. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hello,
    My Daily process log

    i.gyazo.com/65fbc4788201ece56f0e0395ee7b245a.png

    That spam uses all of the CPU and forces me to reboot the cPanel VPS to get it working again

    The server is pining well during the attack.
     
    #1 Tibbers, Jun 7, 2017
    Last edited by a moderator: Jun 7, 2017
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,618
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Please attach images to your posts.

    What spam? You've got several accounts overloading the server, you should take a closer look at them and take action.
     
    #2 Infopro, Jun 7, 2017
  3. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    First thanks for your reply , The attacker is using a script i think spamming php functions around the websites, same files with same websites are running at the same server(Less specs) for a month now but this is an attack/spam/flood

    There is no plugins to limit the usage per user? or to stop those attacks by setting timeout time or banning the spammers ip?

    [​IMG]
     
    #3 Tibbers, Jun 7, 2017
    Last edited by a moderator: Jun 7, 2017
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,618
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Going by your posted image above, it looks like a wordpress site login is being pounded (marceloe) and user rocket has a cron overloading the server.

    Installing Modsecurity and ConfigServer firewall should be of some use. Making sure those accounts are up to date and secure should also help.
     
    #4 Infopro, Jun 7, 2017
  5. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    ModSecurity is already installed can you link me to ConfigServer firewall installtiong guide ? and is it free?

    And no other plugins to limit the spam or the flood?
     
    #5 Tibbers, Jun 7, 2017
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,618
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You should be able to google that name and find it in less time than it took to ask for a link. :)

    Installing it is straight forward, you'll find install instructions on the listing for it at configserver.com

    Yes, it's free.
     
    #6 Infopro, Jun 7, 2017
  7. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    I found it thanks :) and installed it too, No other suggested plugins?
     
    #7 Tibbers, Jun 7, 2017
  8. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,618
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    To do what? You should check those accounts for out of date plugins and make sure the wordpress installs are up to date for starters.

    Configuring CSF takes some time to properly setup. Simply installing it is helpful, but not enough.
     
    #8 Infopro, Jun 7, 2017
  9. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    But i've tried to suspend those account another accounts started the spam instead can't i limit the resources per user?
     
    #9 Tibbers, Jun 7, 2017
  10. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,618
    Likes Received:
    296
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Sounds to me like you've got a couple of rogue user accounts that should be terminated, or worse, compromised accounts that need to be looked at a bit closer. Limiting resources would only slow them down, not end the problems you're faced with.

    You might want to look into hiring someone to assist you with this if you're unsure on what to do next:
    System Administration Services | cPanel Forums
     
    #10 Infopro, Jun 7, 2017
  11. Tibbers

    Tibbers Member

    Joined:
    Jun 6, 2017
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    I am sure its not a user spam that rocketfs2 is my own website and its getting attacked too.
     
    #11 Tibbers, Jun 7, 2017
  12. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,064
    Likes Received:
    1,288
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    There's no such functionality in cPanel & WHM, but you may find CloudLinux helpful if you want this functionality:

    CloudLinux - Main | New template

    Thank you.
     
    #12 cPanelMichael, Jun 13, 2017
(You must log in or sign up to post here.)
Loading...
Similar Threads - stop High Usage
  1. Vasanthjan

    How to stop sendmail?

    Vasanthjan, Aug 7, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    57
    Paarami
    Aug 9, 2017
  2. Krydos

    SOLVED AutoSSL has stopped working

    Krydos, Aug 3, 2017, in forum: Security
    Replies:
    17
    Views:
    283
    Krydos
    Aug 9, 2017
  3. Bob Katz

    Stopped getting mailing list emails

    Bob Katz, Aug 2, 2017, in forum: E-mail Discussions
    Replies:
    18
    Views:
    154
    cPanelMichael
    Aug 8, 2017
  4. megahost

    stop spam from authenticated local user

    megahost, Aug 2, 2017, in forum: E-mail Discussions
    Replies:
    6
    Views:
    109
    rpvw
    Aug 2, 2017
  5. wael1989

    When sending mail, Apache stops working

    wael1989, Jul 28, 2017, in forum: E-mail Discussions
    Replies:
    3
    Views:
    77
    cPanelMichael
    Jul 31, 2017

Share This Page