| Posted by aniga17, 05-03-2015, 02:06 PM | | Hi WHT Friends,
Whenever i visit a website in my server i can't access all sites under my server also the server could some one tell me what is that? whenever i close the website after 1 minute i wll be able to visit all website under my server
thanks
|
| Posted by RDO Servers, 05-03-2015, 02:21 PM | | How long do you wait to let it load the first time?
What language/platform is the site on?
Are you on shared, VPS, or Dedicated?
|
| Posted by Ali Hadi, 05-03-2015, 02:26 PM | | can you ping those sites?
can your DNS server lookup their respetive ips?
sounds like either dns resolving issues.
If its linux os
go to /etc/resolve.conf and check the name servers are google dns . add them 8.8.8.8/8.8.4.4
|
| Posted by aniga17, 05-04-2015, 01:03 AM | | It takes time to wait the site loading
Server is Dedicated CENTOS 6.6
Panel:Cpanel
Site Language: PHP
|
| Posted by krizag, 05-04-2015, 01:28 AM | | which firewall are you using in your server?
|
| Posted by aniga17, 05-04-2015, 02:07 AM | | I am using ConfigServer Security & Firewall - csf v7.68
|
| Posted by aniga17, 05-04-2015, 02:09 AM | | DNS of the site is fine nothing is wrong also its replaying when i ping the site
|
| Posted by techs4gnu, 05-04-2015, 02:11 AM | | I strongly feel you may have csf firewall and either you are getting temporary blocked for some modsecurity rule or for some other restrictions set in csf firewall.
If not please check in cphulkd as well for any issues from whm
|
| Posted by aniga17, 05-04-2015, 02:19 AM | | maybe or maybe not because when before i visit the website i can access my server what makes me blocked when i visit the website?
Also when ever i visit that site CPU and Memory goes high check the image
|
| Posted by techs4gnu, 05-04-2015, 02:21 AM | | Swap usage seems to be 100% and memory usage of 95 %, Is the account infected ? Is the server resources fine if that site is not at all loaded ? IS this site a heavy traffic site ?
Also are you using modsecurity and especially new cpanel provided OWASP modsec rules ?
Last edited by techs4gnu; 05-04-2015 at 02:23 AM.
Reason: added contents
|
| Posted by aniga17, 05-04-2015, 02:32 AM | | It is not infected it is clear, the server is fine just that account makes the high load also the site has not heavy traffic i would like to investigate the problem.
Yes i am using Mod Security with the latest version but i am not installed OWASP ModSecurity Core Rule Set
|
| Posted by techs4gnu, 05-04-2015, 02:39 AM | | tail -f /usr/local/apache/logs/error_log and then go to browser and see if any thing gets logged in the log for your ip while trying to take your site in the browser.
Also check your isp in the lfd log (if yo have csf firewall installed )
# grep ISP_IP /var/log/lfd.log
and see if there is any temporary blocks
|
| Posted by aniga17, 05-04-2015, 02:54 AM | | Thank you I have browsed the site but nothing is blocked just high CPU when i run # top command see the image
|
| Posted by aniga17, 05-04-2015, 02:56 AM | | The image is for the user of the site
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
851050 Username 20 0 190m 10m 5788 R 39.7 0.1 0:10.91 php
|
| Posted by hostinit, 05-04-2015, 03:12 AM | | Hi,
I think this certain site is poorly coded and that's why its eating full swap. Check the code with the help of an expert. Also try to tweak apache and php in your site.
|
| Posted by aniga17, 05-04-2015, 03:23 AM | | yep it is poorly coded i have suspended the site
Thank you all of you
|
| Posted by aniga17, 05-04-2015, 03:58 AM | | yep it is poorly coded i have suspended the site
thank you
|
| Posted by Hostedo, 05-04-2015, 10:17 AM | | All webmasters must:
1. Choose good passwords.
2. Pick third-party content providers very carefully.
3. Contact their hosting company or publishing platform for support
4. Check their server configuration.
5. Make a backup copy of your .htaccess file !important
6. Stay up-to-date with the latest software updates and patches.
7. Keep an eye on your log files.
8. Check your site for common vulnerabilities.
9. Use secure protocols. (https) !important
10. Keep up to date on the latest security news.
Hope this help!
|
| Posted by Ali Hadi, 05-04-2015, 10:25 AM | | you are my guru <3
|
| Posted by SneakySysadmin, 05-05-2015, 07:50 PM | | Next time you spot the php process that's sitting there eating up a third of your CPU:
First:
That will show everything that process has open in terms of files, ports etc.
Then:
This pid number is the one from the screenshot - change the pid number as needed of course. Should tell you where it's hanging at and what it's trying to do that's taking so long. The lsof output should also tell you if it's trying to write a bucketload to disk or silliness like that.
|
|
 Add to Favourites
 Print this Article
|
