How to stop High CPU Usage

[Tibbers]

Hello,
My Daily process log

i.gyazo.com/65fbc4788201ece56f0e0395ee7b245a.png

That spam uses all of the CPU and forces me to reboot the cPanel VPS to get it working again

The server is pining well during the attack.

 

[Infopro]

Please attach images to your posts.

That spam uses all of the CPU

What spam? You've got several accounts overloading the server, you should take a closer look at them and take action.

 

[Tibbers]

Please attach images to your posts.



What spam? You've got several accounts overloading the server, you should take a closer look at them and take action.

First thanks for your reply , The attacker is using a script i think spamming php functions around the websites, same files with same websites are running at the same server(Less specs) for a month now but this is an attack/spam/flood

There is no plugins to limit the usage per user? or to stop those attacks by setting timeout time or banning the spammers ip?

 

[Infopro]

Going by your posted image above, it looks like a wordpress site login is being pounded (marceloe) and user rocket has a cron overloading the server.

Installing Modsecurity and ConfigServer firewall should be of some use. Making sure those accounts are up to date and secure should also help.

 

[Tibbers]

ModSecurity is already installed can you link me to ConfigServer firewall installtiong guide ? and is it free?

And no other plugins to limit the spam or the flood?

 

[Infopro]

You should be able to google that name and find it in less time than it took to ask for a link.

Installing it is straight forward, you'll find install instructions on the listing for it at configserver.com

Yes, it's free.

 

[Tibbers]

You should be able to google that name and find it in less time than it took to ask for a link.

Installing it is straight forward, you'll find install instructions on the listing for it at configserver.com

Yes, it's free.

I found it thanks and installed it too, No other suggested plugins?

 

[Infopro]

To do what? You should check those accounts for out of date plugins and make sure the wordpress installs are up to date for starters.

Configuring CSF takes some time to properly setup. Simply installing it is helpful, but not enough.

 

[Tibbers]

To do what? You should check those accounts for out of date plugins and make sure the wordpress installs are up to date for starters.

Configuring CSF takes some time to properly setup. Simply installing it is helpful, but not enough.

But i've tried to suspend those account another accounts started the spam instead can't i limit the resources per user?

 

[Infopro]

Sounds to me like you've got a couple of rogue user accounts that should be terminated, or worse, compromised accounts that need to be looked at a bit closer. Limiting resources would only slow them down, not end the problems you're faced with.

You might want to look into hiring someone to assist you with this if you're unsure on what to do next:
System Administration Services | cPanel Forums

 

[Tibbers]

Sounds to me like you've got a couple of rogue user accounts that should be terminated, or worse, compromised accounts that need to be looked at a bit closer. Limiting resources would only slow them down, not end the problems you're faced with.

You might want to look into hiring someone to assist you with this if you're unsure on what to do next:
System Administration Services | cPanel Forums

I am sure its not a user spam that rocketfs2 is my own website and its getting attacked too.

 

[cPanelMichael]

There is no plugins to limit the usage per user? or to stop those attacks by setting timeout time or banning the spammers ip?

Hello,

There's no such functionality in cPanel & WHM, but you may find CloudLinux helpful if you want this functionality:

CloudLinux - Main | New template

Thank you.