Hi, I am running a WHM/cPanel on a VPS (AlmaLinux), since september.
About 3,5 weeks ago I upgraded the VPS for more CPU/RAM/DISK (2/8GB/100GB => 8/32GB/500GB). My hosting provider helped me manually increase the disk space (100GB => 500GB), and removed the swap partition of only 100 kb of size, after which I created a 4GB swap file instead (using "create-swap").
However, since the upgrade (don't know if that's the cause) the VPS has randomly shut down 4 times (3-6 days apart). I have checked the SAR command, and memory use/server load has been low on all 4 occasions. And swap file usage low or none. In the "messages" log the only pattern I can see is there's lots of "p0f WARNING: Too many host entries". See example below.
~~~~ VPS shut down here ~~~~
My hosting provider says there has been no incidents on the nodes on these occasions.
I filed a ticket to cPanel support but they were not able to determine the cause of the issue.
Greatful for any clues!
About 3,5 weeks ago I upgraded the VPS for more CPU/RAM/DISK (2/8GB/100GB => 8/32GB/500GB). My hosting provider helped me manually increase the disk space (100GB => 500GB), and removed the swap partition of only 100 kb of size, after which I created a 4GB swap file instead (using "create-swap").
However, since the upgrade (don't know if that's the cause) the VPS has randomly shut down 4 times (3-6 days apart). I have checked the SAR command, and memory use/server load has been low on all 4 occasions. And swap file usage low or none. In the "messages" log the only pattern I can see is there's lots of "p0f WARNING: Too many host entries". See example below.
Dec 12 03:29:39 srv2 p0f[1324]: [!] WARNING: Too many host entries, deleting 1001. Use -m to adjust.
Dec 12 03:29:39 srv2 p0f[1324]: [!] WARNING: Too many host entries, deleting 1001. Use -m to adjust.
Dec 12 03:29:43 srv2 p0f[1324]: [!] WARNING: Too many host entries, deleting 1001. Use -m to adjust.
Dec 12 03:29:43 srv2 p0f[1324]: [!] WARNING: Too many host entries, deleting 1001. Use -m to adjust.
Dec 12 03:29:47 srv2 p0f[1324]: [!] WARNING: Too many host entries, deleting 1001. Use -m to adjust.
Dec 12 03:29:47 srv2 pdns_server[1224]: Error sending reply with sendmsg (socket=5, dest=10.0.2.157:53): Invalid argument
Dec 12 03:29:47 srv2 PAM-hulk[317161]: Brute force detection active: 580 LOGIN DENIED -- EXCESSIVE FAILURES -- IP TEMP BANNED
Dec 12 03:29:47 srv2 p0f[1324]: [!] WARNING: Too many host entries, deleting 1001. Use -m to adjust.
Dec 12 03:29:48 srv2 p0f[1324]: [!] WARNING: Too many host entries, deleting 1001. Use -m to adjust.
Dec 12 03:29:48 srv2 pdns_server[1224]: Error sending reply with sendmsg (socket=5, dest=10.0.2.157:53): Invalid argument
Dec 12 03:29:52 srv2 PAM-hulk[317168]: Brute force detection active: 580 LOGIN DENIED -- EXCESSIVE FAILURES -- IP TEMP BANNED
~~~~ VPS shut down here ~~~~
My hosting provider says there has been no incidents on the nodes on these occasions.
I filed a ticket to cPanel support but they were not able to determine the cause of the issue.
Greatful for any clues!