[Solved] Suspended: Cbrpics Cbrpics

[cbrpics]

Username : cbrpics

 

Server : Tommy

 

Domain: cbrpics.com

Just trying to figure out why the account is suspended since the only software we run is wordpress and use cloudflare.

 

[wolstech]

 

Causing high server load. 216% more cpu than #2, 225% more memory than #2. #41 on bandwidth.

 

That's a lot of load. Escalating so we can get you some details on what's going on here.

[cbrpics]

Yes that is a lot of load, specially when all we are hosting up are for a few clients photos as we are small right now. This was just a starter site for us until the business builds then we are moving off to a dedicated server host as I do not think you all can handle 300gb of space and bandwidth necessary.

Edited December 11, 2017 by cbrpics

[wolstech]

We definitely can't do the space right now, but the bandwidth is not actually something we usually limit. The CPU and RAM usage is what got you suspended.

 

Krydos should be able to tell us what caused it so you can see about reducing its usage until then.

[cbrpics]

Hopefully Krydos can get back to us soon, luckily we are not a big site so not a ton of traffic but it still does affect our stats being down.

[Krydos]

Most of your load is coming from

/home/cbrpics/public_html/wp-login.php

which probably means you have a lot of bots trying to bruteforce their way into your wordpress account. Would it be feasible to disable logins? Like wolstech said you have basically no bandwidth usage so your site shouldn't be causing this much load unless something is wrong.

[cbrpics]

Yes I can disable logins once we have access. Primarily we only use one account which manages the entire site.

 

Also, do you think cloudflarw could be causing part of it too since we have them setup to monitor the site?

[Luigi123]

Cloudflare doesn't cause our servers to get high load. It's normal.

[cbrpics]

Luigi123 thanks for the information, as soon as I can get access I can disable the login for any clients on the WordPress.

 

Then we can go from there to monitor it to see if anything else is aiding in the cpu and memory load.

[Luigi123]

Sounds good. Let us know if you have any questions.

[Krydos]

Unsuspended. Please make the changes swiftly before your account starts to cause a lot of load again.

[cbrpics]

Login is disabled for all accounts except the admin account. Please let me know asap when issues arise again. Hopefully this will fix the problem.

 

On a side note, with wordpress I don't think you can fully disable the wp-login.php page as that is the same login page for all accounts including the admin account.

[Krydos]

I've never tried it, but I assume you could log in via SFTP and rename the wp-login.php file to something hidden like alhwdkwheuidwad.php and then put a new wp-login.php file with contents such as

<?php

echo "Logins are currently disabled due to abuse.";

Then if you need to log in to the admin account just rename the files back, login, do what you need to do, and then disable it again.

 

Also, please check in over the next few days to see how your load is doing. Our suspension system is automated to preserve the functionality of the server, but we can check your load levels to make sure you're not at risk of being suspended again. If one account is causing the other thousands of websites on the same server to run slowly or go offline our automated systems have to correct the problem.

[cbrpics]

I got it working, found a plugin called WPS Hide Login , now directs to an unknown hidden directory. If you attempt to go to https://www.cbrpics.com/wp-login.php you will get a Page Not Found notification even for the wp-admin directory is now redirected to the hidden directory. We shall see if this fixes the issue , which in theory should.

[Krydos]

Cool. That's a good plugin to know about. We've had a few other people with this wp-login.php load issue so I'll point them that direction if it works for you.