Last night my website went down for reasons unknown, and gave me a 500 Internal Error. So I got into a chat with Dreamhosts’ customer service people, who haven’t been very helpful in the past, and this is what happened:
[10:22:33] Daniel: seems that your user ‘desertsun’ is hitting our process watcher on the server pretty hard. The process watcher is in place to kill any process that runs to high as per the shared instance
[10:23:02] Tim: What would be causing that?
[10:23:14] Daniel: your domain user hit procwatch 3265 times today already which is very high
[10:23:26] Tim: as far as I know, I’ve only got a standard WordPress blog running
[10:23:40] Daniel: [provides list of IP addresses hitting my site]
[10:24:03] Daniel: might be a factor ^ the first number is the amount of hits from the following IPs
[10:24:57] Tim: So if too many people visit my blog it gets shut down?!
[10:26:02] Daniel: negative that can be a factor of your spike in resource usage, those IPs are pretty heavy hitting, more than likely a bot . but it will stem down to your optimization for the site itself
[10:26:32] Tim: So how do I solve that? I’m not doing anything to attract the bots, it’s just a personal blog with a standard WordPress installation
[10:26:47] Daniel: I would recommend review these guide to look into your usage issue and follow the steps to correct [provides links to various guides on how to sort your own problems out, all of which assumes you have IT skills which go beyond basic]
[10:27:55] Tim: Okay, look…I need a web host that can handle hosting a simple blog with 1k visitors per day without my having to teach myself web optimization
The chat gets disconnected. After 10 mins, I get another guy.
[10:49:21] Chris S: Okay so if the site is hitting procwatch, unfortunately some optimization of the site would need to be done. Traffic can be a factor but usually its also whats installed and running on the site. As for any IPs from bots that may be hitting the site too many times, they can be blocked via htaccess file.
[10:50:02] Tim: What’s installed is a standard WordPress install with a standard template.
[10:50:34] Tim: Is Dreamhost really incapable of handling this sort of install?
[10:51:04] Chris S: Thats not the issue
[10:51:18] Tim: then what is? I’m not an IT guy.
[10:51:20] Chris S: There is something running under your user desertsun that is hitting the limits of the shared service
[10:51:30] Tim: right, but what it is?
[10:51:35] Chris S: Could be a plugin, script, theme, etc
[10:51:49] Tim: And you can’t tell me? As I said, it’s a standard WordPress install. Nothing modified by me or anyone else. Some plugins, though.
[10:52:28] Chris S: Unfortunately the process only comes up as php56.cgi which doesn’t contain specific information
[10:52:48] Chris S: those type of processes are usually from plugins or theme or any scripts set to run on the server for the site
[10:52:56] Tim: So basically you cannot host my blog on a standard WordPress install, and you’ll shut it down and tell me to fix it myself?
[10:54:09] Chris S: We can host the site but if there are issues with your user hitting the limits on the shared server, that is up to you to correct. We don’t optimize site or manage them that is the responsibility of the website owner or whoever manages it
[10:54:56] Chris S: [Provides link to site which isn’t very helpful]
[10:55:12] Chris S: You can find more information regarding the procwatch service on shared at the link above.
[10:55:15] Tim: Yeah, I’m not an IT guy
[10:55:56] Tim: I’ve read the link. Sorry, but I’ve run this blog for years, never a problem until today. Now I hear I need to teach myself web optimisation. This standard of service is absolutely appalling
[10:58:06] Chris S: I do apologize but if the user is hitting limits on the server, optimization would be required and thats not something that we directly handle 🙁
[10:58:33] Chris S: I’ve checked the logs and verified that the user is logging entries on the procwatch logs to confirm
[10:58:34] Tim: No, but you can’t even tell whether it is an optimisation problem.
[10:59:03] Tim: Which process is causing the problem? Which plugin? It’s a standard WordPress install!
[11:00:05] Tim: And my site has been down over an hour. How is it still hitting the limits?
[11:00:20] Chris S: Let me see what I can find for you
[11:00:22] Chris S: one moment please
[11:07:16] Chris S: I think its WordFence
[11:07:19] Chris S: Still checking
[11:07:32] Tim: okay. That got installed recently, so could be
[11:07:52] Tim: I was having a lot of brute-force attacks on my site
[11:07:55] Chris S: All the processes I’m seeing are coming from [provides list of WordFence processes that are running wild]
[11:08:21] Tim: yes, that would be it I think
[11:08:34] Tim: does WordFence usually cause these problems?
[11:10:33] Chris S: I’ve seen it cause problems before not necessarily this.
[11:10:59] Tim: Yes, I think it was the live tracking feature of WordFence
And it was. Last week I got a load of warnings of a brute force attack on my site’s login, so I installed the WordFence plugin. Unbeknownst to me it runs a live IP tracker of everything accessing the site, so when a bunch of MSN bots (!) started pinging me incessantly, it used up all the memory on the (shared) server. I disabled the plugin and everything returned to normal. Had I not persisted with the customer service guy, I’d have been fobbed off with a load of links telling me to optimise my site, which would have done nothing to solve the problem.
Of course, when similar problems have arisen in the past they’ve been quick to try to flog me a VPS or some other upgrade, so perhaps they’re being unhelpful on purpose?