Many php-fcgid processes with high memory

Operating system: CentOS
OS version: 7
PHP: 7.4
Web Server: nginx 1.20

Hi,

I need some help regarding PHP processes and high memory usage.

I am running a server with around 20 WP websites, mostly with Woocommerce + Wordfence (once daily scan, timing decided by Wordfence). Recently I noticed the memory usage has reached almost 95% in the dashboard on average. Sites are getting slower as compared to previously.

Upon looking at the running processes under Memory tab, it seems there are many php-fcgid spawned and each is around 400MB - 600MB. CPU is low though.

In each site’s php settings, the memory limit is set to 256MB. Does the memory limit have any effect on the maximum memory used by the process?

I also noticed the PHP fcgid processes across different sites keeps spawning and does not terminate / clear up. This happens for low traffic sites too. CPU is at 0%.

I have set the sub processes to none and even 1 under PHP options. My understanding is that each visitor will spawn a new process. And after exiting the site, the process should terminate itself once after a while. The minimum process depends on the sub process setting. Is this correct?

Does having too many process imply high traffic / possible brute force attacks?

That’s just Wordpress and Woocommerce. They are absolute hogs on resources. Wordfence is as well. The template you use also has a lot to do with it. If you’re using something like OceanWP or Divi, those are absolute hogs as well.

Wordfence would have alerted you if you had a brute force attack. If you didn’t get an alert, it’s just the sites themselves sucking up all the memory.

I agree on Wordpress and Woocommerce being resource intensive. Would there be a way to optimise the settings to kill those processes though? Maybe after 5 minutes of inactivity, it should be terminated. Can this be set?

You should read up on how fcgi works (and how php-fpm works, as they are similar). The point of these fast CGI or app server models is that the application is already loaded into memory when the request it received. You’re asking how to make it act like CGI. If you kill those processes at random, it would just have to start them again, making your CPU usage and response time go up.

You’ll need to be more precise about what you mean by “many” processes. You should expect to see at least 20 at all times, because you have 20 websites, each with their own fcgi+PHP app. The memory usage is deceptive, as PHP and Apache processes will share quite a bit of memory via shared libraries…but, running large applications is memory-intensive. You maybe need more memory, but also read up on how to read memory usage on Linux before deciding that’s the case…this site will probably be helpful for you. You may just be making assumptions that aren’t accurate.

I recommend you take a few steps back and understand what’s going on with your system before trying to take measures to “fix” the things that look wrong. There may be something wrong, but you may also be misinterpreting several pieces of data and coming to incorrect or incomplete conclusions. I think it’s probably a blend of the two, but more the latter than the former.

Edit: Note that php-fpm is more memory efficient for your use case. Unless you have a reason to use php-fcgid, you should be using FPM.

1 Like

The two WP/Woocommerce sites I run use a plugin called Hummingbird. It hooks up with your Wordpress account and your Cloudflare account together and extends all your caching and it also moves some of the front end java scripts to the footer for faster execution. It knocked about 1.5 seconds off my load times of both sites.

If you haven’t already, another thing you really need to look at are bad bots visiting your site. Some of them are so malicious they’ll eat your system resources alive by constantly using them up. Get yourself a good .htaccess that only allows the main bots (Google, Bing, Duck Duck Go, etc.) Then set up firewall rules for bots like Aspeigle Pendlebot and others.

I have not only firewall rules running on Cloudflare, but their bot fight mode service as well. It made a difference.

You’re right, I probably should understand what’s going on instead of guessing.

Regarding the processes, I do expect to see at least 20 processes, but now it seems each site has average of 2 to 4 each. So there are about 80 processes.

Thank you for pointing me to the site. I will have a look at it and also study more on FPM.

Thank you for sharing. I will check out Hummingbird! I should probably check the logs as well to see if there are traffic from bots :coffee: