Hello,
We have a ("Cloud") VM server which for the most part works fantastic, most of the time there is no issues. Although at some points (sometimes can be weeks in between, sometimes a couple times in a week) I get extreme high load and on a few occurrence the entire server was inaccessible.
I can seem to put my hand on what the cause is, my guess is either brute force/DDOS attacks on some of the hosted websites or on the actual server.
I was under the impression CloudLinux was specialized to avoid exactly this?
I had the server initially configured by cPanel Service Package + MailScanner and then went through securing php as best as I could. Through the CSF server check I score extremely high (129/231), with the few points being non-issues as far as I know.
Plugings are:
CageFS
ConfigServer Explorer
ConfigServer Mail Manage
ConfigServer Mail Queues
ConfigServer MailScanner FE
ConfigServer ModSec Control
ConfigServer eXploit Scanner
ConfigServer Security&Firewall
Google Apps Wizard
Mod Security
Munin Service Monitor
Softaculous - Instant Installs
I can provide any log or specs you may require to help me out, anything would be greatly appreciate. My goal is to see if I can hopefully eliminate the high loads altogether or else know what to do during those times to optimize the situation.
Server Specs:
6 GB RAM
6 CPU Cores – 3.6 Ghz
Average load throughout the day jumps from 0.15 to 0.50 ... On high load goes from 5.00 to 15.00 and sometime 45.00+ (Around this point the server is so hard to work with I can barely get those stats)..
Which logs would be most helpful to post? This is the email alert I get:
Time: Mon Oct 29 10:50:58 2012 -0400
1 Min Load Avg: 11.79
5 Min Load Avg: 6.16
15 Min Load Avg: 3.65
Running/Total Processes: 5/293
Attached: ps.txt
Attached: vmstat.txt
Attached: apachestatus.html
We have a ("Cloud") VM server which for the most part works fantastic, most of the time there is no issues. Although at some points (sometimes can be weeks in between, sometimes a couple times in a week) I get extreme high load and on a few occurrence the entire server was inaccessible.
I can seem to put my hand on what the cause is, my guess is either brute force/DDOS attacks on some of the hosted websites or on the actual server.
I was under the impression CloudLinux was specialized to avoid exactly this?
I had the server initially configured by cPanel Service Package + MailScanner and then went through securing php as best as I could. Through the CSF server check I score extremely high (129/231), with the few points being non-issues as far as I know.
Plugings are:
CageFS
ConfigServer Explorer
ConfigServer Mail Manage
ConfigServer Mail Queues
ConfigServer MailScanner FE
ConfigServer ModSec Control
ConfigServer eXploit Scanner
ConfigServer Security&Firewall
Google Apps Wizard
Mod Security
Munin Service Monitor
Softaculous - Instant Installs
I can provide any log or specs you may require to help me out, anything would be greatly appreciate. My goal is to see if I can hopefully eliminate the high loads altogether or else know what to do during those times to optimize the situation.
Server Specs:
6 GB RAM
6 CPU Cores – 3.6 Ghz
Average load throughout the day jumps from 0.15 to 0.50 ... On high load goes from 5.00 to 15.00 and sometime 45.00+ (Around this point the server is so hard to work with I can barely get those stats)..
Which logs would be most helpful to post? This is the email alert I get:
Time: Mon Oct 29 10:50:58 2012 -0400
1 Min Load Avg: 11.79
5 Min Load Avg: 6.16
15 Min Load Avg: 3.65
Running/Total Processes: 5/293
Attached: ps.txt
Attached: vmstat.txt
Attached: apachestatus.html
