Dear support
This is way over my head. I hope that you can help. My site is down and my hosters are telling me that there are some PHP/scripts that are bringing the Site to it knees. Could you please look at the below excerpt from my Sites logs! It seems to me to be Easyblog related. I really do not understand what is happening but I am guessing that something has got out there and is spitting out links probably with a view to cranking up hits for some weird sites!
Start of mail from hosters...
Dear Sir,
> There are a lot of Apache/PHP tasks which create the high use of the
> capacitiy.
> Please check if these services are running properly.
>
> Dear Andreas
>
> The above is Latin to me. Could you kindly point me in the right direction.
you are using a self administered server; you are the admin. Your scripts use a lot of ressources. We don't know why since those are scripts/appications you installed.
What might be odd is the large amount of POST request like (/var/www/vhosts/finalbug.net/statistics/logs/access_log):
root@mail:/var/www/vhosts/finalbug.net/statistics/logs# grep POST access_log | tail
112.111.176.142 - - [03/Jan/2014:12:00:18 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=339 HTTP/1.1" 200 333 "http://www.christianlouboutinsale-cybermonday.co.uk/womens-christian-louboutin-nude-lady-peep-glitter-mini-sky-high-platforms-cyber-monday-sale-p-92.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
175.44.27.73 - - [03/Jan/2014:12:00:18 +0100] "POST /home-of-bruce/post-production/resolve/trackback?post_id=295 HTTP/1.1" 200 333 "http://www.14cambridgecourt.com/sac-a-dos-longchamp-rouge-p-84.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
59.58.138.184 - - [03/Jan/2014:12:00:19 +0100] "POST /home-of-bruce/more-stuff/cameras-co/trackback?post_id=291 HTTP/1.1" 200 333 "http://www.repadom.fr/category/abercrombie-and-fitch/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
112.111.173.211 - - [03/Jan/2014:12:00:20 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=360 HTTP/1.1" 200 333 "http://www.johnhindeuk.com/parajumpers-hyggelig-menn-h248yre-h229nd-navy-jakke-fabrikken-direkte-pris-p-134.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
112.111.173.244 - - [03/Jan/2014:12:00:20 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=360 HTTP/1.1" 200 333 "http://belstaffparis.nhg-klap.com/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
175.42.87.136 - - [03/Jan/2014:12:00:22 +0100] "POST /home-of-bruce/more-stuff/bruce-speaks/trackback?post_id=341 HTTP/1.1" 200 333 "http://gucci.matt-cutts.com/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
60.168.0.140 - - [03/Jan/2014:11:59:43 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=358 HTTP/1.1" 500 1018 "http://www.shopthepelicans.com/tyreke-evans-jersey-xs-63/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
60.168.3.188 - - [03/Jan/2014:12:00:36 +0100] "POST /home-of-bruce/post-production/resolve/trackback?post_id=295 HTTP/1.1" 200 333 "http://www.shopcoltsjerseysonline.com/womens-cassius-vaughn-elite-jersey-lo-69.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
218.86.51.48 - - [03/Jan/2014:12:00:37 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=281 HTTP/1.1" 200 333 "http://www.michalkorsoutlet.com/michael-kors-handbags/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
60.168.3.100 - - [03/Jan/2014:12:00:41 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=359 HTTP/1.1" 200 333 "http://www.shopthepelicans.com/eric-gordon-jersey-qb-93/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
root@mail:/var/www/vhosts/finalbug.net/statistics/logs#
I don't know if those are expected, maybe the developer of yuor app can help you.
End of mail from hosters
thanks
Paul
This is way over my head. I hope that you can help. My site is down and my hosters are telling me that there are some PHP/scripts that are bringing the Site to it knees. Could you please look at the below excerpt from my Sites logs! It seems to me to be Easyblog related. I really do not understand what is happening but I am guessing that something has got out there and is spitting out links probably with a view to cranking up hits for some weird sites!
Start of mail from hosters...
Dear Sir,
> There are a lot of Apache/PHP tasks which create the high use of the
> capacitiy.
> Please check if these services are running properly.
>
> Dear Andreas
>
> The above is Latin to me. Could you kindly point me in the right direction.
you are using a self administered server; you are the admin. Your scripts use a lot of ressources. We don't know why since those are scripts/appications you installed.
What might be odd is the large amount of POST request like (/var/www/vhosts/finalbug.net/statistics/logs/access_log):
root@mail:/var/www/vhosts/finalbug.net/statistics/logs# grep POST access_log | tail
112.111.176.142 - - [03/Jan/2014:12:00:18 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=339 HTTP/1.1" 200 333 "http://www.christianlouboutinsale-cybermonday.co.uk/womens-christian-louboutin-nude-lady-peep-glitter-mini-sky-high-platforms-cyber-monday-sale-p-92.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
175.44.27.73 - - [03/Jan/2014:12:00:18 +0100] "POST /home-of-bruce/post-production/resolve/trackback?post_id=295 HTTP/1.1" 200 333 "http://www.14cambridgecourt.com/sac-a-dos-longchamp-rouge-p-84.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
59.58.138.184 - - [03/Jan/2014:12:00:19 +0100] "POST /home-of-bruce/more-stuff/cameras-co/trackback?post_id=291 HTTP/1.1" 200 333 "http://www.repadom.fr/category/abercrombie-and-fitch/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
112.111.173.211 - - [03/Jan/2014:12:00:20 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=360 HTTP/1.1" 200 333 "http://www.johnhindeuk.com/parajumpers-hyggelig-menn-h248yre-h229nd-navy-jakke-fabrikken-direkte-pris-p-134.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
112.111.173.244 - - [03/Jan/2014:12:00:20 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=360 HTTP/1.1" 200 333 "http://belstaffparis.nhg-klap.com/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
175.42.87.136 - - [03/Jan/2014:12:00:22 +0100] "POST /home-of-bruce/more-stuff/bruce-speaks/trackback?post_id=341 HTTP/1.1" 200 333 "http://gucci.matt-cutts.com/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
60.168.0.140 - - [03/Jan/2014:11:59:43 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=358 HTTP/1.1" 500 1018 "http://www.shopthepelicans.com/tyreke-evans-jersey-xs-63/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
60.168.3.188 - - [03/Jan/2014:12:00:36 +0100] "POST /home-of-bruce/post-production/resolve/trackback?post_id=295 HTTP/1.1" 200 333 "http://www.shopcoltsjerseysonline.com/womens-cassius-vaughn-elite-jersey-lo-69.html" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
218.86.51.48 - - [03/Jan/2014:12:00:37 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=281 HTTP/1.1" 200 333 "http://www.michalkorsoutlet.com/michael-kors-handbags/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
60.168.3.100 - - [03/Jan/2014:12:00:41 +0100] "POST /home-of-bruce/paradigm-shift/fcp-x-4-beginners/trackback?post_id=359 HTTP/1.1" 200 333 "http://www.shopthepelicans.com/eric-gordon-jersey-qb-93/" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
root@mail:/var/www/vhosts/finalbug.net/statistics/logs#
I don't know if those are expected, maybe the developer of yuor app can help you.
End of mail from hosters
thanks
Paul