wordpress site maxing Entry Processes

[babeterminal]

i have try everything to find what is causing Entry Processes to max in bing most have this set at 20/25 my host is 15 , i deactivated[even removed] all plugins changed themes
whats else could be causing this

i contacted my host and they first said i need to upgrade to a share vpn for 700 a year this is not viable for a small site with 5000 hits a day i can not see any increase in traffic

was thinking of blocking china/3rd world i now also throttle google/bing bots have blocked most all other unwanted bots

any ideas?

thanks

[robwod]

Check to make sure you are not being "attacked" on your xmlrpc.php file or on your wp-login.php file.

There's a pile of bots hammering those these days and numerous simultaneous xmlrpc.php calls in particular can really drive up your server load if left unchecked. you can try deleting xmlrpc.php if you don't use it. Or add a root based htaccess file to restrict access to the file.

[johnny_r]

are you using apache? You may think about switching to nginx which is more lightweight and faster than running wordpress on a apache.

[babeterminal]

Quote:

Originally Posted by robwod

Check to make sure you are not being "attacked" on your xmlrpc.php file or on your wp-login.php file.

There's a pile of bots hammering those these days and numerous simultaneous xmlrpc.php calls in particular can really drive up your server load if left unchecked. you can try deleting xmlrpc.php if you don't use it. Or add a root based htaccess file to restrict access to the file.

thanks i just deleted xmlrpc.php i have the wp-login.php going to a different login url lets see how this goes today

[ClaireMonroe]

Did you check your raw log files to see what might be hammering it?

[anexsia]

Quote:

Originally Posted by johnny_r

are you using apache? You may think about switching to nginx which is more lightweight and faster than running wordpress on a apache.

That wouldn't do anything about his problem, he's maxing out entry processes which is database related..not to mention if his host has entry processes set at 15 that likely means he's using shared hosting and wouldn't have the choice to switch to nginx.

babeterminal: Make sure you're using a cache plugin, allow only your IP to access wp-login.php or setup auth password protection in front of it to stop brute force attempts, optimize your MySQL database (depending on how many plugins you had installed you might have a lot of leftover stuff in your database). If you're only getting 5,000 visitors you shouldn't be anywhere near that many entry processes unless you had a lot of plugins installed or something?

[AdultKing]

Quote:

Originally Posted by babeterminal

i have try everything to find what is causing Entry Processes to max in bing most have this set at 20/25 my host is 15 , i deactivated[even removed] all plugins changed themes . whats else could be causing this

How many visits do you have at the times you max out processes ?

[Bladewire]

I put this in my main directory .htaccess to redirect anyone but my IP to a 404 error page when trying to access the wp-admin directory or xmlrpc.php

Code:

ServerSignature Off
RewriteEngine On

<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(.*)?xmlrpc\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^YOUR.IP.ADDRESS.HERE$
RewriteRule ^(.*)$ - [R=404,L]
</IfModule>

[robwod]

Bladewire, you may be better off redirecting to a 401 or 403 as wordpress generates a 404 page on its own, and thus, still makes queries (unless it's a cached page of course).

[Bladewire]

Quote:

Originally Posted by robwod

Bladewire, you may be better off redirecting to a 401 or 403 as wordpress generates a 404 page on its own, and thus, still makes queries (unless it's a cached page of course).

Great point

If it's the xmlrpc being queried do you thing the below might be the lease CPU intensive while still protecting the site?

Code:

<FilesMatch "^(wp-trackback|xmlrpc)\.php$">
Order Deny,Allow
Allow from 68.5.209.235
Deny from all
</filesMatch>

RedirectMatch 403 ^.*/wp-admin/*$

On a side note: Since I don't have a feed anyone needs to read, part of the code I use for scrapers is this

Code:

RewriteCond %{REQUEST_URI} ^/feed$ [OR] 
RewriteCond %{REQUEST_URI} ^/comments/feed$ [OR]
RewriteCond %{REQUEST_URI} ^/wp-includes/wlwmanifest.xml$
RewriteCond %{HTTP_HOST} ^MYSITE.COM
RewriteRule ^(.*) http://www.npr.org/rss/$1 [P]

[babeterminal]

Quote:

Originally Posted by anexsia

That wouldn't do anything about his problem, he's maxing out entry processes which is database related..not to mention if his host has entry processes set at 15 that likely means he's using shared hosting and wouldn't have the choice to switch to nginx.

babeterminal: Make sure you're using a cache plugin, allow only your IP to access wp-login.php or setup auth password protection in front of it to stop brute force attempts, optimize your MySQL database (depending on how many plugins you had installed you might have a lot of leftover stuff in your database). If you're only getting 5,000 visitors you shouldn't be anywhere near that many entry processes unless you had a lot of plugins installed or something?

thanks i set this up with Bladewire 's code seems to be doing ok also a lot of the prob's seem to do with yandex & baidu which i have blocked with a load of other unwanted bots

thanks all

[JuicyBunny]

I wouldn't throttle good SEs.
We were hit with this recently.

You will need multiple defenses. Our host went above and beyond the call to sort it out. Took a few days but results are in.

[AdultKing]

Quote:

Originally Posted by babeterminal

to do with yandex & baidu

I wouldn't block Yandex.

[babeterminal]

i have been at this for days checking all the logs blocking ip's its still maxing out my only thinking now is the host lowered the setting
so now i am going to optimize as much as i can, this is new to me and will take some time, i have opened a cloudflare account and will be trying offloading and any other tricks i can learn

it just ticks me off that on contacting the host first thing they said i need to upgrade to shared dedicated, and after a few more messages the told me i should hire a programmer lol wtf!!!!

[AdultKing]

Quote:

Originally Posted by babeterminal

i have been at this for days checking all the logs blocking ip's its still maxing out my only thinking now is the host lowered the setting
so now i am going to optimize as much as i can, this is new to me and will take some time, i have opened a cloudflare account and will be trying offloading and any other tricks i can learn

it just ticks me off that on contacting the host first thing they said i need to upgrade to shared dedicated, and after a few more messages the told me i should hire a programmer lol wtf!!!!

Maybe you just need real hosting.

https://www.soyoustart.com/en/offers/sys-ip-1.xml

[babeterminal]

Quote:

Originally Posted by AdultKing

Maybe you just need real hosting.

https://www.soyoustart.com/en/offers/sys-ip-1.xml

strange i blocked ovh and ubuntu yesterday i thought why are these servers visiting my site

i only want shared hosting as this site is small and was getting 5000 hits a day this has now dropped to 12000 for the last 7 days

[myleene]

Quote:

Originally Posted by babeterminal

thanks i set this up with Bladewire 's code seems to be doing ok also a lot of the prob's seem to do with yandex & baidu which i have blocked with a load of other unwanted bots

thanks all

Quote:

i only want shared hosting as this site is small and was getting 5000 hits a day this has now dropped to 12000 for the last 7 days

You've blocked yourself from a lot of people in Russia, Belarus, Kazakhstan, Ukraine and Turkey by blocking Yandex.

You've also blocked yourself from the majority of China by blocking Baidu.

And you've blocked others...

What did you expect?


change your hosting to something better. Shared has its limits and you seem to have got to it. I would suggest a small VPS and that you do it all yourself. Would be even cheaper than shared.

[AdultKing]

Quote:

Originally Posted by babeterminal

strange i blocked ovh and ubuntu yesterday i thought why are these servers visiting my site

i only want shared hosting as this site is small and was getting 5000 hits a day this has now dropped to 12000 for the last 7 days

A Digital Ocean instance costs $10 per month for 1GB Ram 30 gig of disk space and 2TB data transfer.

You could also get a Kimsufi server for a few bucks more Intel 1.8GHz 4 GB RAM, 1TB disk, 100Mbps unlimited data. Kimsufi : le serveur dédié pas cher !