Knowledgebase

Portal Home > Knowledgebase > Articles Database > Limit CPU usage and trace abusers? cPanel..


Limit CPU usage and trace abusers? cPanel..




Posted by CuriosityHosting, 08-28-2012, 04:10 PM
Looking through dstat, I noticed a high CPU 'spike' http://i.imgur.com/iSFeJ.png So I went over to WHM to 'trace' the abuser, in which resulted in nothing.. http://i.imgur.com/kJNTJ.png Nor does it look like DDoS: http://i.imgur.com/qnVF5.png So I'm wondering what may have caused this, and how to stop it in the future, I'm running cPanel on CentOS 6 I was thinking CloudLinux may stop the problem? Last edited by CuriosityHosting; 08-28-2012 at 04:16 PM.
Posted by -Edward-, 08-28-2012, 05:43 PM
Do you see any specific scripts/users listed under your daily process logs that are using a lot of CPU and RAM?
Posted by utdream, 08-28-2012, 07:44 PM
Yes, I would *highly* recommend CloudLinux exactly for this purpose. It's cheap enough where it's very worth it to isolate your heavy-users away from your standard users. It was created exactly for this kind of situation.
Posted by racknap1, 08-29-2012, 10:57 AM
Hi, If you are thinking of CloudLinux, then i would recommend you to go for it, As in this you can limit the amount of resources one site can use so no single account can slow or take down a whole server, Moreover povide better security by running all processes under the correct user and in their own container. As far as the protection is concern, it saves the server from hackers and poorly written scripts that drain resources for other tenants
Posted by dareORdie, 08-29-2012, 11:13 AM
Yes cloud linux is best. cloud linux has count resources of users. You can easily grab the client which taking high resources on your server.
Posted by BestServerSupport, 08-29-2012, 12:05 PM
I am agree with others. CloudLinux allows us to limit the amount of resources any single account can use. There is a plugin of CloudLinux which you can use with cPanel/WHM.
Posted by web-1, 08-30-2012, 12:11 PM
There is an attack I found that would run the CPU way up and sometimes take the whole server down. I'm not sure if they have updated CSF/LFD yet, but basically it was something where you would get a lot of "User not found" reports from cpanelpop. The user would be blank and that is how you could tell that it's some sort of attack as I remember right you would see "user= realuser= " and they would do this over and over. So you could look for that. I like the idea of limiting the resources per user, they should have had that built in a long time ago. It's sort of a band-aid for the problem really, it's still good to track down the real problem since some CPU will still be used and slow things down. Plus in this case it's really no certain user's fault, it's a outside attacker making trouble and if you limit that one user down to slow down the problem, it may just jump to another user and now you have to lower them all. It's always something...


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
POP/IMAP/Webmail login problems (Views: 630)
Highlayer rocks! :) (Views: 647)
Dedicated server in CA (Views: 649)
Assistance Required : Setting up simple webmail Interface (Views: 608)
Bandcon Outage (Views: 643)