Technical Problem Traced, Reinstating Capabilities

Someone has been trying to force their way into this blog’s web server. Today I discovered that a very large proportion of server CPU (up to 80%) was being used to run a process intended only for use by the web host. That’s probably the reason the blog has been going down from time to time. With help from a Google search I’ve closed that door.

I hope that means the downtime that’s been plaguing this blog is over. I’ll keep an eye on the processes to make that’s true.

In the meantime I’ve re-enabled some capabilities here, including user editing of comments.

Comments

  1. SteveK

    Tom
    FYI – the blog isn’t playing nice with Chrome. Pages get hung up and never resolve themselves. Must not be all pages, because I can get this one to load fine. I can’t get this one to load though.

  2. Post
    Author
  3. Izak

    I’d be very interested in what process it is that you found using all that cpu. I’m a Linux sysadmin… 🙂

  4. Post
    Author
  5. Izak

    Aaah, there used to be a vulnerability in php’s xmlrpc implementation. Probably crackers attempting to exploit this hole. They often do so even if you’re site isn’t vulnerable, wasting precious resources by trying. I have similar problems on some of the sites we host for people: Bots register user accounts, then they set the user’s portrait (a feature of this CMS) to an image advertising something, and then they use other means to spam people with a link to that image. Databases grow from a couple of megabyte to 25GB or more in the space of days while this is going on…

Comments are closed.

By commenting here you agree to abide by this site's comment guidelines.