I suspect that my Blog has been hacked!?!

Paul Murray
7:29 PM Friday, 03 January 2014
Dear support

This is way over my head. I hope that you can help. My site is down and my hosters are telling me that there are some PHP/scripts that are bringing the site to its knees. Could you please look at the below excerpt from my site's logs! It seems to me to be EasyBlog related. I really do not understand what is happening but I am guessing that something has got out there and is spitting out links, probably with a view to cranking up hits for some weird sites!

Start of mail from hosters...

Dear Sir,

> There are a lot of Apache/PHP tasks which create the high use of the
> capacity.
> Please check if these services are running properly.
>
> Dear Andreas
>
> The above is Latin to me. Could you kindly point me in the right direction.

You are using a self-administered server; you are the admin. Your scripts use a lot of resources. We don't know why since those are scripts/applications you installed.


What might be odd is the large amount of POST requests like (/var/www/vhosts/finalbug.net/statistics/logs/access_log):

root@mail:/var/www/vhosts/finalbug.net/statistics/logs# grep POST access_log | tail
112.111.176.142 - - [03/Jan/2014:12:00:18 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=339 HTTP/1.1" 200 333 "http://www.christianlouboutinsale-cybermonday.co.uk/womens-christian-louboutin-nude-lady-peep-glitter-mini-sky-high-platforms-cyber-monday-sale-p-92.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
175.44.27.73 - - [03/Jan/2014:12:00:18 +0100] "POST /home-of-bruce/post-production/resolve/trackback?post_id=295 HTTP/1.1" 200 333 "http://www.14cambridgecourt.com/sac-a-dos-longchamp-rouge-p-84.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
59.58.138.184 - - [03/Jan/2014:12:00:19 +0100] "POST /home-of-bruce/more-stuff/cameras-co/trackback?post_id=291 HTTP/1.1" 200 333 "http://www.repadom.fr/category/abercrombie-and-fitch/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
112.111.173.211 - - [03/Jan/2014:12:00:20 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=360 HTTP/1.1" 200 333 "http://www.johnhindeuk.com/parajumpers-hyggelig-menn-h248yre-h229nd-navy-jakke-fabrikken-direkte-pris-p-134.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
112.111.173.244 - - [03/Jan/2014:12:00:20 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=360 HTTP/1.1" 200 333 "http://belstaffparis.nhg-klap.com/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
175.42.87.136 - - [03/Jan/2014:12:00:22 +0100] "POST /home-of-bruce/more-stuff/bruce-speaks/trackback?post_id=341 HTTP/1.1" 200 333 "http://gucci.matt-cutts.com/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
60.168.0.140 - - [03/Jan/2014:11:59:43 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=358 HTTP/1.1" 500 1018 "http://www.shopthepelicans.com/tyreke-evans-jersey-xs-63/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
60.168.3.188 - - [03/Jan/2014:12:00:36 +0100] "POST /home-of-bruce/post-production/resolve/trackback?post_id=295 HTTP/1.1" 200 333 "http://www.shopcoltsjerseysonline.com/womens-cassius-vaughn-elite-jersey-lo-69.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
218.86.51.48 - - [03/Jan/2014:12:00:37 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=281 HTTP/1.1" 200 333 "http://www.michalkorsoutlet.com/michael-kors-handbags/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
60.168.3.100 - - [03/Jan/2014:12:00:41 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=359 HTTP/1.1" 200 333 "http://www.shopthepelicans.com/eric-gordon-jersey-qb-93/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
root@mail:/var/www/vhosts/finalbug.net/statistics/logs#

I don't know if those are expected, maybe the developer of your app can help you.

End of mail from hosters

thanks

Paul
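An added example, not part of the original post or of EasyBlog: a small Python triage script that tallies POSTs to trackback URLs in an Apache combined-format access log, the pattern visible in the excerpt above. The function name, the sample paths and the documentation-range IPs and `.example` referers are constructed for illustration; only the `/trackback?post_id=N` URL shape and the User-Agent string come from the excerpt.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Apache "combined" format: ip ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"\s*$'
)
# Trackback URL shape taken from the excerpt: .../trackback?post_id=N
TRACKBACK_RE = re.compile(r'/trackback\?post_id=(\d+)')

def summarize_trackback_posts(lines):
    """Tally POSTs to trackback URLs by source IP, Referer host, post and agent."""
    ips, referers, posts, agents = Counter(), Counter(), Counter(), Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        tb = TRACKBACK_RE.search(m["path"])
        if not tb:
            continue
        ips[m["ip"]] += 1
        referers[urlsplit(m["referer"]).hostname or "-"] += 1
        posts[tb.group(1)] += 1
        agents[m["agent"]] += 1
    total = sum(ips.values())
    top_agent_hits = agents.most_common(1)[0][1] if agents else 0
    return {
        "total": total,
        "distinct_ips": len(ips),
        "referer_hosts": sorted(referers),
        "hits_per_post": dict(posts),
        # One browser User-Agent shared by many source addresses is the pattern
        # in the excerpt; trackback pings are normally sent by blog software.
        "single_agent_many_ips": total > 0 and top_agent_hits == total and len(ips) > 1,
    }

# Constructed sample lines (documentation IP ranges, .example referers).
UA = "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
TS = "[03/Jan/2014:12:00:18 +0100]"
SAMPLE = [
    f'192.0.2.10 - - {TS} "POST /blog/a/trackback?post_id=339 HTTP/1.1" 200 333 "http://shop-a.example/p-92.html" "{UA}"',
    f'198.51.100.7 - - {TS} "POST /blog/b/trackback?post_id=295 HTTP/1.1" 200 333 "http://shop-b.example/p-84.html" "{UA}"',
    f'203.0.113.5 - - {TS} "POST /blog/a/trackback?post_id=360 HTTP/1.1" 500 1018 "http://shop-c.example/" "{UA}"',
    f'192.0.2.44 - - {TS} "POST /blog/b/trackback?post_id=295 HTTP/1.1" 200 333 "http://shop-d.example/x.html" "{UA}"',
    f'192.0.2.99 - - {TS} "GET /blog/a HTTP/1.1" 200 5120 "-" "{UA}"',
    f'192.0.2.99 - - {TS} "POST /index.php?option=com_users HTTP/1.1" 303 0 "-" "{UA}"',
]
print(summarize_trackback_posts(SAMPLE))
```

Run against the real access_log with `summarize_trackback_posts(open(path, errors="replace"))`; a high total spread over many addresses and unrelated Referer hosts points at trackback spam rather than a compromised site.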