Operating System & Version
Centos7
cPanel & WHM Version
100.0.5

IndicHosts.net

Well-Known Member
Mar 11, 2006
74
28
168
Online
cPanel Access Level
Root Administrator
Have been getting high CPU usage and on checking with

Bash:
netstat -an | egrep ":80|:443" | egrep '^tcp' | grep -v LISTEN | awk '{print $5}' | egrep '([0-9]{1,3}\.){3}[0-9]{1,3}' | sed 's/^\(.*:\)\?\(\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}\).*$/\2/' | sort | uniq -c | sort -nr | sed 's/::ffff://' | head
found the highest concurrent connections from hostname's IPv4. Was able to mitigate using a reverse proxy but am confused about what we are seeing. Is this a DDoS or a misconfig ?