CPU spiking at 100%, WordProess site offline

Hi All

I am running a WordPress site on a VPS and every few weeks the server goes off line with 503 error normally.

In the Apache error log I see the following:
[fcgid:warn] mod_fcgid: process graceful kill fail, sending SIGKILL

It settles down after a few hours but it getting to be a real pain. Can anyone help solves this issue?

Thanks in advance.


hi, the error 503 means Service Temporarily Unavailable. How much ram you have on your server?

The distro is Debian 8 x64, 2GB RAM & 4GB swap. The provider is Linode and it is based in Singapore.

It is currently offline with “500 Internal Server error”

mr buffy, try to temporary rename htaccess file to .backup.htaccess and try load site couple of the times. Basically I get 500 only when I have messed up htaccess. Those specs on your server are good.

Or check your htaccess - this one is mine but its really pretty standard. (im also running debian here)


If you’re seeing a 500 error, be sure to take a look in $HOME/logs/error_log for any errors that are being reported.

If your CPU is spiking, is it clear what is using a lot of the CPU when you run the “top” command?


Thanks very much for the responses.

I have several websites hosted on 2 VPS’s (one is Linode, the other is an OpenVZ type with tmzVPS) Both have been experiencing downtime issues. I am a relative newbie with unmanaged VPS hosting.

How can I determine if my sites are been attacked of hacked?

[fcgid:warn] mod_fcgid: process graceful kill fail, sending SIGKILL

This usually means the scrip reached max timeout (i think by default is 45sec) and it was killed. Pretty often you can see this happening with WP. While increasing “FcgidIOTimeout” to 90 (some people suggest 300-500+) i would rather like to suggest you to try to find what script/code in WP is causing this. It could be a leaking theme or plugin e.g. bad code.

Another reason for you problem could be bad MySQL config or MySQL is still working with default settings and probably is not enough anymore. Both cases are asking to fine tune your MySQL and Apache settings. Because there is no one settings for everyone its hard to recommend anything without looking at your server. If you lack in knowledge with MySQL and Apache best would be to leave this task for someone who knows.

How can I determine if my sites are been attacked of hacked?

There are few SSH commands you can use to see what is your traffic or check Apache access log for your domains. For example this command will show you in real time all incoming active connections (you can stop it with ctrl+c):

watch -d -n1 lsof -i

With WP there are few things you can do to prevent or at least limit bots and brute force attacks:

  1. If you dont use JetPack use htaccess to completely block xmlrpc.php file.
  2. If WP doesnt require others to login/register so its just you and/or your client use htaccess to protect with password WP login.
  3. Install Fail2ban and use it to block IP after X amount of failed login attempts. There was a plugin to install with F2B filter.
  4. Use well know free theme what is frequently updated or payed one. Remove all other themes including the WP default one.
  5. Limit the plugins to minimal amount and uninstall everything else. Think if some “feature” is worth so much to increase the CPU and memory usage. If the answer is “you dont know” or “no” just uninstall it.