WordPress: High CPU Load on Shared Hosting.

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • hausarzt
    Confirmed User
    • Jan 2011
    • 818

    #1

    WordPress: High CPU Load on Shared Hosting.

    Hey guys.
    I have a WordPress website wich runs on a shared hosting.
    During the last weeks, I didn't care much about the site. Today I noticed, that it runs super slow. "Resource Usage" in Cpanel shows a CPU Load 90%+ for about a month.

    I contacted the support and they told me, that a plugin or theme causes the problem.
    I haven't touched the theme in months, same a plugins.
    Nevertheless, I deactivated all plugins. The problem is still present.
    Is anybody able to track the root of the evil?

    Theme and plugins are all updated.
    The size was once pretty fast.
    I know, my english is bad. But your german might be even worse
  • Denny
    Too lazy to set a custom title
    • Feb 2005
    • 17390

    #2
    Traffic is the same? Try to install some cache plugin, it might help a bit.

    I host some of my lower traffic WP sites on many shared hosting accounts with various hosts, RAM usually isn't an issue but CPU is, it's quite limited on (cheap) shared hosting accounts and you can hit the limit with just a few concurrent visitors. If that site makes you money, sometimes it's better to just move it to a VPS or cloud.

    Comment

    • hausarzt
      Confirmed User
      • Jan 2011
      • 818

      #3
      Traffic is low as ever.
      I already have a caching plugin and always had.

      Thr problem appeared one month ago all of a sudden.

      Google Web Vitals says my site loads slow on mobile, but fast on desktop.

      On my android the site is super slow using Chrome. With Brave browser, every page loads within milliseconds.

      Strange stuff....
      I know, my english is bad. But your german might be even worse

      Comment

      • Shoplifter
        Richest man in Babylon
        • Jan 2002
        • 5845

        #4
        Do you have the admin restricted to only permit your IP? There is a good chance you are being hammered by a brute force attack and don't realize it.

        Or maybe your VPS just sucks. I have Wordpress sites running with crons on a $4 VPS and it works fine.

        Comment

        • zijlstravideo
          Confirmed User
          • Sep 2013
          • 806

          #5
          Originally posted by hausarzt

          Google Web Vitals says my site loads slow on mobile, but fast on desktop.

          On my android the site is super slow using Chrome. With Brave browser, every page loads within milliseconds.
          I don't use Brave Browser, but isn't the Brave browser really privacy oriented (therefore, likely going to be blocking most javascript code) and also agressive with blocking any type of ads?

          If that's the case... Could it be that the Brave browser blocks some sort of javascript code on your website (and Chrome probably doesn't block it), explaining the difference in loading time?
          Contact: email

          Comment

          • hausarzt
            Confirmed User
            • Jan 2011
            • 818

            #6
            Yepp, Brave loads a little less than Chrome I believe. Beside that, I have no ads on my site. At least no banners. Only a few text links here and there.
            But:
            Gtmetrix gives me a straight A. Load time unter 1 second.
            Pingdom gives me a straight A. Same results.


            Only PageSpeed Insights says my site sucks on mobile.
            So I have two problems:
            Bad rating for usability/speed by Google and a high Server CPU Load.

            If anybody is up for a test:
            https://assgifs.com

            No worries... No pop ads, redirects or whatsoever.
            I know, my english is bad. But your german might be even worse

            Comment

            • redwhiteandblue
              Bollocks
              • Jun 2007
              • 2793

              #7
              Originally posted by zijlstravideo
              I don't use Brave Browser, but isn't the Brave browser really privacy oriented (therefore, likely going to be blocking most javascript code) and also agressive with blocking any type of ads?

              If that's the case... Could it be that the Brave browser blocks some sort of javascript code on your website (and Chrome probably doesn't block it), explaining the difference in loading time?
              One of the things I hate about WP is the way it loads shitloads of scripts and fonts and CSS and other things in the html head, even if your theme doesn't use them.
              Interserver unmanaged AMD Ryzen servers from $73.00

              Comment

              • Denny
                Too lazy to set a custom title
                • Feb 2005
                • 17390

                #8
                Originally posted by hausarzt
                No worries... No pop ads, redirects or whatsoever.
                Loads fast on both desktop and mobile here.

                EDIT: I tried to go thru more pages/posts and it seems the site gets bogged down randomly.

                Comment

                • hausarzt
                  Confirmed User
                  • Jan 2011
                  • 818

                  #9
                  That's what I see from time to time in my Cpanel.
                  CPU peaks and errors as well as RAM usage.
                  There must be something causing this... But what?

                  https://imgur.com/a/wTjvCPM
                  I know, my english is bad. But your german might be even worse

                  Comment

                  • zijlstravideo
                    Confirmed User
                    • Sep 2013
                    • 806

                    #10
                    Your site loads pretty fast here on iPhone, both in Chrome and Safari.

                    Can't you make a zip backup of your website and upload it on a cheap $5 VPS on Vultr to run some tests... Find out if the issue is still there.
                    Contact: email

                    Comment

                    • Denny
                      Too lazy to set a custom title
                      • Feb 2005
                      • 17390

                      #11
                      You can try to ask support if they can find out something but I guess they will come with classic response like "the server is working fine, you need to optimize your website", "consult your web developer" etc. From my experiece random slowness is quite common on shared hosting, sometimes the best/easiest solution is moving the site elsewhere.

                      Comment

                      • hausarzt
                        Confirmed User
                        • Jan 2011
                        • 818

                        #12
                        Yeah, support is pretty basic. Check your theme... Check your plugins.
                        I am not an IT expert, nor I know much about servers, but even on a shared hosting support should be able to tell me, what's is slowing down the server.

                        I only want to hear "it's this plugin". I don't want to hear why it is this slowing it down exactly. I only want to know, what is causing the problems. This should be covered by basic support in my opinion.

                        All my sites never had any problems. They alway were fast.
                        Take a look at the Screenshot. You can see
                        that around 6th April something happened.

                        https://imgur.com/a/ftdx9t3

                        Btw: site is hosted on hawkhost.
                        I know, my english is bad. But your german might be even worse

                        Comment

                        • sandman!
                          Icq: 14420613
                          • Mar 2001
                          • 15431

                          #13
                          Looks like some plugin try turning off 1 plugin at a time and see if you can find the problem that way.
                          Need WebHosting ? Email me for some great deals [email protected]

                          Comment

                          • NatalieMojoHost
                            Confirmed User
                            • Aug 2013
                            • 1479

                            #14
                            This may or may not be the problem, but in essence, shared hosting is sharing the hardware and server resources of your server with other sites. If another site on the same node has a spike in traffic, you might see slowness occasionally. Most hosts oversubscribe shared servers significantly, so this might explain why it was faster in the past - the node you're on is simply getting closer to full. That doesn't explain why it loads fast on Brave and not Chrome, but I'm assuming the situation is a combination of factors.

                            MojoHost.COM | natalie at mojohost dot com | Skype natalie.ac | Telegram @znatalie. Since 1999: 70 Adult Industry awards for Best Hosting Company and professional excellence.

                            Comment

                            • tfto
                              GFY and your feelings.
                              • Sep 2001
                              • 2121

                              #15
                              Originally posted by NatalieMojoHost
                              This may or may not be the problem, but in essence, shared hosting is sharing the hardware and server resources of your server with other sites. If another site on the same node has a spike in traffic, you might see slowness occasionally. Most hosts oversubscribe shared servers significantly, so this might explain why it was faster in the past - the node you're on is simply getting closer to full. That doesn't explain why it loads fast on Brave and not Chrome, but I'm assuming the situation is a combination of factors.
                              Natalie makes a very good point. Your hosting company may have added another site to the shared server that is a resource hog. This in turn would cause your site to bog down when they are sucking up all the resources.

                              Why it only happens with some browsers and not others sorta points me to the theme. But then, It started happening out of the blue. For all you know, that server could have been close to the top already and now someone else is using more resources than before. In turn, causing some browsers not to be happy anymore.

                              Just as a test, try using another theme and see if things change. Or, get a VPS and be done with it. Either way, to figure this out will take some effort on your part. There is no magic fix.

                              Comment

                              • redwhiteandblue
                                Bollocks
                                • Jun 2007
                                • 2793

                                #16
                                Is your site fairly image-heavy? Try clearing the cache on both Brave and Chrome and then compare them.
                                Interserver unmanaged AMD Ryzen servers from $73.00

                                Comment

                                • MichaelP
                                  Registered User
                                  • Aug 2003
                                  • 7124

                                  #17
                                  I have to agree with Nathalie on this one too.

                                  Comment

                                  • EddyTheDog
                                    Just Doing My Own Thing
                                    • Jan 2011
                                    • 25433

                                    #18
                                    Very fast loading pages here on Chrome - VERY - That is your cashing plugin at work I assume - If I do a search, very slow (15 seconds!) - Because no cache on search result page...

                                    I wonder if it the caching plugin that is causing the issue - If it is running too often with a lot of content/pages being generated it might explain the CPU use stats you are seeing - Maybe fiddle with it's settings.....

                                    Comment

                                    • phman79
                                      Confirmed User
                                      • Sep 2014
                                      • 260

                                      #19
                                      What I would do is turn off each plugin one by one and check to see which one could be causing the issue, most of the time when I have problems like that, it's a plugin sometimes two plugins don't work well together or it could need updated.
                                      Best Priced Adult Webhosting Company
                                      Live Milfs
                                      Live Strip Cams

                                      Comment

                                      • Jazzix
                                        Confirmed User
                                        • Nov 2019
                                        • 354

                                        #20
                                        Was having similar issues but due to traffic. Even after upgrading to a business cloud package was still getting spikes in server resources. Finally fixed it and here's what I did.

                                        - Lockdown wp-login.php in Cloudflare firewall
                                        - xmlrpc.php lockdown
                                        - Just for the hell of it I did the same with my wp-admin page
                                        - Disabled the cron jobs within Wordpress and moved them to my server

                                        Still seeing some 503 errors as hackers seem to be spoofing Cloudflare IP's but not effecting my server resources.

                                        Hope this helps
                                        ____________________

                                        Comment

                                        • Shoplifter
                                          Richest man in Babylon
                                          • Jan 2002
                                          • 5845

                                          #21
                                          Originally posted by Jazzix
                                          Was having similar issues but due to traffic. Even after upgrading to a business cloud package was still getting spikes in server resources. Finally fixed it and here's what I did.

                                          - Lockdown wp-login.php in Cloudflare firewall
                                          - xmlrpc.php lockdown
                                          - Just for the hell of it I did the same with my wp-admin page
                                          - Disabled the cron jobs within Wordpress and moved them to my server

                                          Still seeing some 503 errors as hackers seem to be spoofing Cloudflare IP's but not effecting my server resources.

                                          Hope this helps
                                          ____________________

                                          All of this. The moment you install Wordpress you are going to have everyone in the world trying to exploit it. Whatever real traffic you have you can figure at least twice more will be bots and brute force trying to get in. Wordpress is a magnet for trouble.

                                          Securing Wordpress can cut your CPU/resource use way down and improve the load times on the site

                                          Comment

                                          • sandman!
                                            Icq: 14420613
                                            • Mar 2001
                                            • 15431

                                            #22
                                            Putting a htaccess login for admin dirs can cut down on hacking and resource usage also. I have many things locked down like that especially whmcs which hackers try to hit always
                                            Need WebHosting ? Email me for some great deals [email protected]

                                            Comment

                                            • redwhiteandblue
                                              Bollocks
                                              • Jun 2007
                                              • 2793

                                              #23
                                              Originally posted by Shoplifter
                                              All of this. The moment you install Wordpress you are going to have everyone in the world trying to exploit it. Whatever real traffic you have you can figure at least twice more will be bots and brute force trying to get in. Wordpress is a magnet for trouble.

                                              Securing Wordpress can cut your CPU/resource use way down and improve the load times on the site
                                              I've seen a huge increase in hits from bots looking for WP exploits recently (on sites that have never even been on WP) but many of them come from Amazon AWS IP ranges which can be blocked in htaccess if you know what they are.
                                              Interserver unmanaged AMD Ryzen servers from $73.00

                                              Comment

                                              • tfto
                                                GFY and your feelings.
                                                • Sep 2001
                                                • 2121

                                                #24
                                                Originally posted by redwhiteandblue
                                                I've seen a huge increase in hits from bots looking for WP exploits recently (on sites that have never even been on WP) but many of them come from Amazon AWS IP ranges which can be blocked in htaccess if you know what they are.
                                                I constantly see IP's from Amazon AWS, OVH, and a couple of other places. There is a bot that claims it's from Micosoft. In reality, it is no different than the other bots. Looking for ways to exploit.

                                                Comment

                                                • hausarzt
                                                  Confirmed User
                                                  • Jan 2011
                                                  • 818

                                                  #25
                                                  Thank you for the suggestions folks.
                                                  Better late then never, here is a quick update:

                                                  After trying many things (removing plugins, caching on/off....) suddenly my site went back to normal.
                                                  Since 4 days, it's under high load again. No changes where made. Logs show nothing suspicious.

                                                  Time to change the host I guess. I am moving to a VPS soon.
                                                  Hopefully this will fix the site performance.
                                                  I know, my english is bad. But your german might be even worse

                                                  Comment

                                                  • Colmike9
                                                    (>^_^)b
                                                    • Dec 2011
                                                    • 7230

                                                    #26
                                                    Originally posted by hausarzt
                                                    Thank you for the suggestions folks.
                                                    Better late then never, here is a quick update:

                                                    After trying many things (removing plugins, caching on/off....) suddenly my site went back to normal.
                                                    Since 4 days, it's under high load again. No changes where made. Logs show nothing suspicious.

                                                    Time to change the host I guess. I am moving to a VPS soon.
                                                    Hopefully this will fix the site performance.
                                                    Yep, I'd switch. Some shared hosting accounts have very low CPU limits, and if you exceed those, even on a website that should work fine, the site can run slow and sometimes give 503 errors.

                                                    But also check things like don't have too many cron jobs, or maybe your traffic is just too much for the shared host.
                                                    Join the BEST cam affiliate program on the internet!
                                                    I've referred over $1.7mil in spending this past year, you should join in.
                                                    I make a lot more money in the medical field in a lab now, fuck you guys. Don't ask me to come back, but do join Chaturbate in my sig, it still makes bank without me touching shit for years..

                                                    Comment

                                                    • tfto
                                                      GFY and your feelings.
                                                      • Sep 2001
                                                      • 2121

                                                      #27
                                                      Originally posted by hausarzt
                                                      Thank you for the suggestions folks.
                                                      Better late then never, here is a quick update:

                                                      After trying many things (removing plugins, caching on/off....) suddenly my site went back to normal.
                                                      Since 4 days, it's under high load again. No changes where made. Logs show nothing suspicious.

                                                      Time to change the host I guess. I am moving to a VPS soon.
                                                      Hopefully this will fix the site performance.
                                                      With a VPS you have more control overall. You will be happy with the end result.

                                                      Comment

                                                      • jamezon
                                                        Confirmed User
                                                        • Apr 2019
                                                        • 136

                                                        #28
                                                        you can do a lot to avoid wp bots on cloudflare free plan if your running on a shared plan with no ssh access

                                                        Comment

                                                        • bean-aid
                                                          So Fucking Banned
                                                          • Jun 2011
                                                          • 16493

                                                          #29
                                                          wordfence seems to work well with stopping the bots from bogging the site and injecting malware

                                                          Comment

                                                          • tfto
                                                            GFY and your feelings.
                                                            • Sep 2001
                                                            • 2121

                                                            #30
                                                            Originally posted by jamezon
                                                            you can do a lot to avoid wp bots on cloudflare free plan if your running on a shared plan with no ssh access
                                                            Originally posted by beaner
                                                            wordfence seems to work well with stopping the bots from bogging the site and injecting malware

                                                            Both of these and some sort of a country blocker will work well. I use all three on a network of sites and so far, so good. (I hope I didn't fuck myself without lube).

                                                            Comment

                                                            • ilnjscb
                                                              Confirmed User
                                                              • Jun 2009
                                                              • 8972

                                                              #31
                                                              Originally posted by Shoplifter
                                                              All of this. The moment you install Wordpress you are going to have everyone in the world trying to exploit it. Whatever real traffic you have you can figure at least twice more will be bots and brute force trying to get in. Wordpress is a magnet for trouble.
                                                              This

                                                              Originally posted by redwhiteandblue
                                                              I've seen a huge increase in hits from bots looking for WP exploits recently (on sites that have never even been on WP) but many of them come from Amazon AWS IP ranges which can be blocked in htaccess if you know what they are.
                                                              This

                                                              Originally posted by tfto
                                                              With a VPS you have more control overall. You will be happy with the end result.
                                                              I have just two of my sites with WP and they are huge pains in the ass lately. My host (VPS) emailed almost the exact same thing. I think it is a new upselling thing, or maybe now reading this it is because of new attacks. I'll write the rep.

                                                              The thing that annoys me is, as a loyal customer why doesn't my plan get upgraded regularly? I shouldn't have the same plan I had 18 months ago.

                                                              Comment

                                                              • brassmonkey
                                                                Pay It Forward
                                                                • Sep 2005
                                                                • 77396

                                                                #32
                                                                try different isp... like at a friends or their phone or some shit.
                                                                TRUMP 2026 KEKAW!!! - The Laken Riley Act Is Law!
                                                                DACA ENDED - SUPPORT AZ HCR 2060 52R - email: brassballz-at-techie.com

                                                                Comment

                                                                • jamezon
                                                                  Confirmed User
                                                                  • Apr 2019
                                                                  • 136

                                                                  #33
                                                                  Originally posted by beaner
                                                                  wordfence seems to work well with stopping the bots from bogging the site and injecting malware
                                                                  ja , but its a plugin that eats ressources and might slow things down, if its needs to work hard defending your sites,

                                                                  its much better to catch the attack, exploit scenarios before the entry gate
                                                                  i say 90% of them are allways the same...

                                                                  for this cloudflare (free plan) can be really handy...

                                                                  also a good basic rule is to avoid wp-plugins if another job, .htaccess or web server settings can do it

                                                                  Comment

                                                                  • Mikehan
                                                                    Confirmed User
                                                                    • Aug 2021
                                                                    • 74

                                                                    #34
                                                                    Optimize data regularly. Maybe you have lots of records in your data. shared server have some limitation.

                                                                    Remove extra plugins
                                                                    install WordPress cache plugin
                                                                    some spam click may increase your CPU uses.

                                                                    Some of our sites have more than 250,000 records. And it works well and sometime CPU uses high. When spam hit our server. Use server security plugins. and wait and watch the server regularly.

                                                                    Comment

                                                                    Working...