Thinking Christian

Thinking Christianity for church, home, and community

Technical Problem Traced, Reinstating Capabilities

Posted on Jan 7, 2014 by Tom Gilson

Someone has been trying to force their way into this blog’s web server. Today I discovered that a very large proportion of server CPU (up to 80%) was being used to run a process intended only for use by the web host. That’s probably the reason the blog has been going down from time to time. With help from a Google search I’ve closed that door.

I hope that means the downtime that’s been plaguing this blog is over. I’ll keep an eye on the processes to make that’s true.

In the meantime I’ve re-enabled some capabilities here, including user editing of comments.


7 Responses to “ Technical Problem Traced, Reinstating Capabilities ”

  1. SteveK says:

    FYI – the blog isn’t playing nice with Chrome. Pages get hung up and never resolve themselves. Must not be all pages, because I can get this one to load fine. I can’t get this one to load though.

  2. JAD says:

    I’m having exactly the same issue.

  3. Tom Gilson says:

    Better? It was actually the pull-quotes plugin that was to blame.

  4. SteveK says:

    Yep. Good now.

  5. Izak says:

    I’d be very interested in what process it is that you found using all that cpu. I’m a Linux sysadmin… :-)

  6. Tom Gilson says:

    All it said was xmlrpc.php.

  7. Izak says:

    Aaah, there used to be a vulnerability in php’s xmlrpc implementation. Probably crackers attempting to exploit this hole. They often do so even if you’re site isn’t vulnerable, wasting precious resources by trying. I have similar problems on some of the sites we host for people: Bots register user accounts, then they set the user’s portrait (a feature of this CMS) to an image advertising something, and then they use other means to spam people with a link to that image. Databases grow from a couple of megabyte to 25GB or more in the space of days while this is going on…

Comments RSS Feed
Real Time Analytics
%d bloggers like this: