Technical problem found and (eventually) solved

Last night my website went down for reasons unknown, and gave me a 500 Internal Error. So I got into a chat with Dreamhosts’ customer service people, who haven’t been very helpful in the past, and this is what happened:

[10:22:33] Daniel: seems that your user ‘desertsun’ is hitting our process watcher on the server pretty hard. The process watcher is in place to kill any process that runs to high as per the shared instance
[10:23:02] Tim: What would be causing that?
[10:23:14] Daniel: your domain user hit procwatch 3265 times today already which is very high
[10:23:26] Tim: as far as I know, I’ve only got a standard WordPress blog running
[10:23:40] Daniel: [provides list of IP addresses hitting my site]
[10:24:03] Daniel: might be a factor ^ the first number is the amount of hits from the following IPs
[10:24:57] Tim: So if too many people visit my blog it gets shut down?!
[10:26:02] Daniel: negative that can be a factor of your spike in resource usage, those IPs are pretty heavy hitting, more than likely a bot . but it will stem down to your optimization for the site itself
[10:26:32] Tim: So how do I solve that? I’m not doing anything to attract the bots, it’s just a personal blog with a standard WordPress installation
[10:26:47] Daniel: I would recommend review these guide to look into your usage issue and follow the steps to correct [provides links to various guides on how to sort your own problems out, all of which assumes you have IT skills which go beyond basic]
[10:27:55] Tim: Okay, look…I need a web host that can handle hosting a simple blog with 1k visitors per day without my having to teach myself web optimization

The chat gets disconnected. After 10 mins, I get another guy.

[10:49:21] Chris S: Okay so if the site is hitting procwatch, unfortunately some optimization of the site would need to be done. Traffic can be a factor but usually its also whats installed and running on the site. As for any IPs from bots that may be hitting the site too many times, they can be blocked via htaccess file.
[10:50:02] Tim: What’s installed is a standard WordPress install with a standard template.
[10:50:34] Tim: Is Dreamhost really incapable of handling this sort of install?
[10:51:04] Chris S: Thats not the issue
[10:51:18] Tim: then what is? I’m not an IT guy.
[10:51:20] Chris S: There is something running under your user desertsun that is hitting the limits of the shared service
[10:51:30] Tim: right, but what it is?
[10:51:35] Chris S: Could be a plugin, script, theme, etc
[10:51:49] Tim: And you can’t tell me? As I said, it’s a standard WordPress install. Nothing modified by me or anyone else. Some plugins, though.
[10:52:28] Chris S: Unfortunately the process only comes up as php56.cgi which doesn’t contain specific information
[10:52:48] Chris S: those type of processes are usually from plugins or theme or any scripts set to run on the server for the site
[10:52:56] Tim: So basically you cannot host my blog on a standard WordPress install, and you’ll shut it down and tell me to fix it myself?
[10:54:09] Chris S: We can host the site but if there are issues with your user hitting the limits on the shared server, that is up to you to correct. We don’t optimize site or manage them that is the responsibility of the website owner or whoever manages it
[10:54:56] Chris S: [Provides link to site which isn’t very helpful]
[10:55:12] Chris S: You can find more information regarding the procwatch service on shared at the link above.
[10:55:15] Tim: Yeah, I’m not an IT guy
[10:55:56] Tim: I’ve read the link. Sorry, but I’ve run this blog for years, never a problem until today. Now I hear I need to teach myself web optimisation. This standard of service is absolutely appalling
[10:58:06] Chris S: I do apologize but if the user is hitting limits on the server, optimization would be required and thats not something that we directly handle 🙁
[10:58:33] Chris S: I’ve checked the logs and verified that the user is logging entries on the procwatch logs to confirm
[10:58:34] Tim: No, but you can’t even tell whether it is an optimisation problem.
[10:59:03] Tim: Which process is causing the problem? Which plugin? It’s a standard WordPress install!
[11:00:05] Tim: And my site has been down over an hour. How is it still hitting the limits?
[11:00:20] Chris S: Let me see what I can find for you
[11:00:22] Chris S: one moment please
[11:07:16] Chris S: I think its WordFence
[11:07:19] Chris S: Still checking
[11:07:32] Tim: okay. That got installed recently, so could be
[11:07:52] Tim: I was having a lot of brute-force attacks on my site
[11:07:55] Chris S: All the processes I’m seeing are coming from [provides list of WordFence processes that are running wild]
[11:08:21] Tim: yes, that would be it I think
[11:08:34] Tim: does WordFence usually cause these problems?
[11:10:33] Chris S: I’ve seen it cause problems before not necessarily this.
[11:10:59] Tim: Yes, I think it was the live tracking feature of WordFence

And it was. Last week I got a load of warnings of a brute force attack on my site’s login, so I installed the WordFence plugin. Unbeknownst to me it runs a live IP tracker of everything accessing the site, so when a bunch of MSN bots (!) started pinging me incessantly, it used up all the memory on the (shared) server. I disabled the plugin and everything returned to normal. Had I not persisted with the customer service guy, I’d have been fobbed off with a load of links telling me to optimise my site, which would have done nothing to solve the problem.

Of course, when similar problems have arisen in the past they’ve been quick to try to flog me a VPS or some other upgrade, so perhaps they’re being unhelpful on purpose?

Liked it? Take a second to support Tim Newman on Patreon!
Share

25 thoughts on “Technical problem found and (eventually) solved

  1. I waded through shite like this with various hosting companies for years… Site going down because Reasons, using too much resource, etc.

    I finally found an amazing host in the ‘States with fantastic support and have never had an issue since even after adding multiple new websites to my hosting service.

    My experience: the ‘big companies’ don’t provide the best hosting experience and definitely not the best support.

  2. I finally found an amazing host in the ‘States with fantastic support and have never had an issue since even after adding multiple new websites to my hosting service.

    If this shit keep up, I’ll ask you for their name.

    My experience: the ‘big companies’ don’t provide the best hosting experience and definitely not the best support.

    I used to be with a small one whose customer service was good, but they told me I was using too much bandwidth and their company doesn’t really cater for blogs like mine, i.e. only tiny, personal websites. So I went with one of the big ‘uns in the hope I’d install and forget. Some hope.

  3. As a non-IT guy I also found running a WordPress site (for my business) to be surprisingly hard and communicating with tech support similarly unhelpful. Posting articles was fine but what was going on behind the scenes eluded me. The site stopped sending me emails when the contact form was filled in,after my provider blacklisted it – according to them this was an automatic thing after they detected porn links had been inserted into some of my html so they figured my site had been compromised. Shortly after there was a news story about a WordPress exploit that had affected many sites so I suppose I wasn’t the only one, but the provider’s advice on what I needed to do to protect myself largely came down to “sort it out yourself” with the assumption that I was an whizz in WordPress and security. Though they did, to be fair, tell me where the malicious code on my WordPress files could be found and how to delete it, how to stop it happening again or how to get my notification emails back remained a mystery. And finding people to sort this stuff out for you seems unreasonably expensive for the fairly simple site I had wanted to host.

    I opted for WordFence for a degree of protection and found it reassuring – nice to know how many people in Ukraine are making failed attempts to log in as your site admin – but while I would feel very exposed without it, I still don’t have any great confidence in how well I am secured. Never did get those notification emails back working either – as far as I could understand from what the tech support people were telling me, that would involve paying big bucks for someone on their side to do a security sweep on my site before they would “trust” it again.

    Obviously the fact WordPress comes with so many bells and whistles and plug-ins and so on means it is always going to be a vulnerable target. Since I don’t really need more than a small fraction of its capabilities, and don’t really have the time or inclination to learn all of its dark arts, it perhaps wasn’t the right solution for me. But I knew I wanted to have a contact form, host a blog, be able to embed pdfs, write in LaTeX, have good automatic adjustment to mobile/tablet (50% of my views) and I knew WP could handle those things so probably didn’t spend enough time looking into alternatives.

  4. MBE,

    It sounds as though our experiences with WordPress and hosts are very similar. I too had the “malicious code is on your domain, sort it out” email, and I had to push them to tell me where it was.

  5. Glad you got it sorted for now. I’m sure you said you were behind Cloudflare, but I notice your site’s IP is a Dreamhost one. Did you turn Cloudflare off or had problems setting it up?

  6. Tim,

    Yeah didn’t think I could be the only one. They can come across quite aggressive as to “it is your fault” (for not securing yourself properly and not being a general tech whizz) but when that turns out to be due to a flaw in the product they’re selling you it does seem a bit of a cheek. It’s also at odds with the way these things are marketed as “you don’t have to be an IT guy anymore to run your own website”. I’m beginning to wonder if, for anything half-important, you actually do.

    Obviously if I was storing customer details or taking payments I’d want to hire a pro (though again, providers market “now you can even run your own online shop without being a tech guy!” – if I wasn’t confident about the security their product came with and didn’t have the skills to set up my own layer, I’d have to wonder how many small businesses doing this are falling foul of data protection and other laws). For what is basically a glorified advert I thought I could get away with it. Since I generate enough leads advertising more cheaply elsewhere it doesn’t make a whole lot of sense to pay someone to sort it out for me, but I liked having the site as a real option in case I chose to grow the business in some way.

    Don’t intend to hijack your thread with my own problems but I’m sure I’m not alone in hoping Bloke in Cyprus or others might share the secrets of their success!

  7. Glad you got it sorted for now. I’m sure you said you were behind Cloudflare, but I notice your site’s IP is a Dreamhost one. Did you turn Cloudflare off or had problems setting it up?

    No, I have Cloudflare working. Why this didn’t stop the MSN bots attacking me I don’t know.

  8. I have found (from TimW’s site) that the WP SuperCache plugin is pretty good: it saves archives as flat files, so that you are not hitting the database all the time.

    As someone who works in web software development, I would never try to manage my own shop, BTW.

    DK

  9. Don’t intend to hijack your thread with my own problems but I’m sure I’m not alone in hoping Bloke in Cyprus or others might share the secrets of their success!

    I didn’t know if I should advertise here so I’ve sent Tim the details by e-mail… Lets see what he thinks and if he wants to share he can post them here or e-mail you.

  10. I have found (from TimW’s site) that the WP SuperCache plugin is pretty good: it saves archives as flat files, so that you are not hitting the database all the time.

    Thanks!

  11. No, I have Cloudflare working. Why this didn’t stop the MSN bots attacking me I don’t know.

    Ah I see, you’re not using Cloudflare’s DNS so are exposing your server’s IP rather than one of Cloudflare’s servers. https://checkforcloudflare.selesti.com/?q=http://www.desertsun.co.uk

    If you switch your DNS servers from Dreamhost’s to Cloudflare’s all those bots hit Cloudflare’s machines which do some additional filtering before letting them through to your server.
    https://support.cloudflare.com/hc/en-us/articles/205195708-Step-3-Change-your-domain-name-servers-to-Cloudflare
    https://help.dreamhost.com/hc/en-us/articles/216385467-Nameservers-overview

  12. If you switch your DNS servers from Dreamhost’s to Cloudflare’s all those bots hit Cloudflare’s machines which do some additional filtering before letting them through to your server.

    Ooh, thanks. That’s worth looking at.

  13. Re: Big companies.
    HEG (Hosting Europe Group) hosts nearly 40% of sites in Europe through large players like 123Reg, Heart, Paragon, who in turn own large hosting subsidiaries. What they seem to share in common are two things:
    1 -Service levels go to shite when HEG takes over a company
    2 -HEG is owned by Go Daddy (which owns Securi, a Wordfence competitor).

    Thus it is fairly hard to find ground between hosts owned by The Behemoth and hosts too small to cope. One possible solution is to find a web company that has a concierge service and who will manage everything for you, leaving you time to blog, write novels and, yes, work.

  14. If you switch your DNS servers from Dreamhost’s to Cloudflare’s all those bots hit Cloudflare’s machines which do some additional filtering before letting them through to your server.

    Turns out I can’t. CloudFlare insist I change my DNS settings through Dreamhost (their partners). But my domain name isn’t registered with Dreamhost, it’s with a 3rd party, and I’m not gonna transfer it after yesterday’s experience!

  15. [cracks knuckles]

    Pull up a chair, folks. Now y’all are playing in my park. I’m a DevOps engineer when I’m not dressing up like a flying rat and fighting crime.

    Disclaimer: I used to use Dreamhost. Yes, they suck.

    The thing is, if you read the fine print you’ll find that you’re getting exactly what you’re paying for: a cheap web site hosting environment that lets you run your own PHP or other dynamic-content web sites (in this case, “dynamic” means that what’s displayed is generated by a program that queries a database and spits out ephemeral HTML direct to the web browser, rather than an unchanging text file of HTML that’s downloaded from the server and then displayed by your browser)

    In the biz, we describe this as a “stack” of services that deliver your web site:

    Browser
    V
    ——
    Cloudflare
    ——
    Connection Load Balancer
    ——
    (WordPress Code)
    Web Server (talks to the browser)
    Application Server (queries database and generates the HTML)
    Operating System
    Computer Hardware

    Dreamhost, like virtually all cheap hosting providers, is responsible only for providing you with an environment where you can run your own web site code. Whether that’s code you write yourself, or code you download from WordPress, or whatever, they don’t care and are not responsible for it. You are expected to Handle Your Own Shit.

    Now, they muddle this a little bit by providing “one-click” installers that set up WordPress for you, because that’s not trivial, but read the fine print: after that install, they’re still not responsible. In the parlance, everything below “WordPress” in the stack is their responsibility, WordPress and everything else is your responsibility.

    At the rates you’re paying, it simply isn’t feasible for them to provide anything more than bare minimum support (“Your web site is taking up too many CPU resources. Handle Your Shit.”). They have no way of vetting your code (or your WordPress plugins) to ensure it’s being well-behaved, and because of the way WordPress plugins and PHP code works it really isn’t possible to determine exactly which plugin is causing the application server to run amok without low-level debugging. The time you’ve consumed in support salary alone on this one issue is likely close to the annual hosting cost for your blog.

    If you want the level of support you’re expecting, you need to use a hosted WordPress service, not merely host-your-own-web-site generic hosting. There’s lots of them about, including wordpress.com itself, but you’re going to pay at least as much per month and likely more.

    As a DevOps engineer, my personal blog runs on a free-tier Amazon AWS VM. But then, this is my jam.

  16. I have been running 5 WordPress websites hosted on GoDaddy with WordFence protecting them for many years and have had excellent technical support.

    In fact, when I am surveyed after requesting assistance, I always add, “Don’t change anything!”

    I feel that if you call GoDaddy and ask about the things that have concerned you, you will get answers that you can use.

  17. And you wondered why Professor Peterson doesn’t run his own server.

    Heh! Not any more I don’t! 🙂

  18. I have been running 5 WordPress websites hosted on GoDaddy with WordFence protecting them for many years and have had excellent technical support.

    Thanks for that. I’ll keep them in mind.

  19. Pull up a chair, folks. Now y’all are playing in my park. I’m a DevOps engineer when I’m not dressing up like a flying rat and fighting crime.

    Heh. Thanks for this input!

    Now, they muddle this a little bit by providing “one-click” installers that set up WordPress for you, because that’s not trivial, but read the fine print: after that install, they’re still not responsible.

    I installed it myself, as I’ve always done.

    At the rates you’re paying, it simply isn’t feasible for them to provide anything more than bare minimum support

    Fair enough, that answers the question. This is like a lot of businesses, you think they do X but in reality they do X minus one hell of a lot of Y.

  20. Has anything else happened since February 27, 2018? I’m having similar problems with the same host.

  21. Fair enough, that answers the question. This is like a lot of businesses, you think they do X but in reality they do X minus one hell of a lot of Y.

    Between virtualization and “as a service”, there’s been a massive sea change in the realm of host-it-yourself businesses. A lot of hosters that have been in business forever really haven’t kept up technically, but they have to advertise as if they have or else lose tons of customers.

    If you don’t actually need anything but WordPress hosting, I’d suggest switching to WordPress.com or a similar third-party WordPress hoster. The price is similar and they’ll just handle all this backend stuff for you.

  22. Identical problem, solved because of this post.
    Other than a document dump of Watergate proportions of irrelevant things I already knew and had implemented – and the most cordial and earnest entreaties to ask them any sort of questions or for any sort of additional help – DreamHost Customer Support provided exactly zero help.

    If you wish to promote your book on Alexandria, shoot me something in 300-plus non-duplicated words according to the submission terms at the top of my site.

Comments are closed.