This affects all Shared Hosting, Reseller Hosting, Semi-Dedicated Hosting & WordPress Hosting Clients.
Shared and reseller servers run CloudLinux, an operating system that includes many features for optimizing shared hosting environments. Because shared and reseller servers host many accounts, an account using too many resources can lead to problems on the entire server.
The most common reason for 500/503/508 errors on a website is account throttling by CloudLinux due to excessive resource usage.
CloudLinux is a feature and tool used in a hosting environment that includes many features for optimizing hosting servers. Because shared and reseller servers host many accounts, an account using too many resources can lead to problems on the entire server. CloudLinux helps prevent these types of problems by actively monitoring resource usage, and proactively limiting specific accounts when they exceed predefined resource usage limits, that are guaranteed and always available as a part of your hosting plan.
What are the CloudLinux Limits?
CPU Usage: If your cPanel account’s CPU usage exceeds predefined limits, CloudLinux slows it down to acceptable limits. Your site remains available during this time. When CPU usage falls below the maximum limit, CloudLinux stops limiting your site. DDoS (Distributed Denial of Service), spambot, and brute force attacks are all possible causes of high CPU usage. A poorly configured site can also cause this limit to be reached.
Disk IO Throughput (IO/IOPS): If disk usage exceeds predefined limits, CloudLinux slows down your site to bring it back within acceptable limits. Your site remains available during this time.
Memory Limit (PMEM): CloudLinux monitors your account’s virtual and physical memory usage. If memory usage exceeds predefined limits, visitors to your site receive “500 Internal Server Error” or “503 Error” messages in their web browser. Additionally, CloudLinux slows down your site to bring it back within acceptable limits.
Entry Processes (EP): CloudLinux monitors the number of processes running on your account. HTTP, SSH, CGI, and PHP connection requests all count towards this predefined limit, which is generous. If your web site exceeds this limit, visitors receive “503 Error” messages in their web browser. The limit is primarily in place to help prevent DDoS, spambot, and brute force attacks from affecting entire servers. However, a poorly configured site can also cause this limit to be reached.
When your website hits the pre-allocated resources limit based on your hosting plan, you will either observe slow response times on your websites or see intermittent errors on the site.
MySQL usage: CloudLinux’s MySQL Governor monitors your account’s MySQL usage and restricts it if any of the following resources exceed predefined limits:
- CPU usage
- Disk reads and writes
- Number of database connections
No error messages are displayed when this restriction occurs. When MySQL usage falls below the predefined limits, the MySQL Governor removes the restrictions. DDoS (Distributed Denial of Service), spambot, and brute force attacks, as well as plugins and unoptimized databases, are all possible causes of high MySQL usage.
How do I view my resource usage?
To view resource limit information for your account, follow these steps:
Log in to cPanel.
In the METRICS section of the cPanel home screen, click CPU and Concurrent Connection Usage.
On the Resource Usage Overview page, cPanel displays a summary for your account. Depending on your account’s resource usage, you may see:
- Your site had no issues in the past 24 hours: If you receive this message, your account did not trigger any limits within the past 24 hours.
- Your site has been limited within the past 24 hours: If you receive this message, your account triggered at least one resource limit within the past 24 hours. cPanel displays additional information about which resource (or resources) triggered the limit.
- Your site might hit resource limits soon: This message is a warning that your account may trigger resource limiting in the near future. cPanel displays additional information about which resource is at risk of triggering a limit.
- To view detailed resource usage information for your account, click [Details]. cPanel displays usage graphs and a usage table:
- By default, cPanel displays resource usage information for the past 24 hours. To change the time interval displayed, in the Timeframe list box, select the interval you want, and then click Submit.
- To view resource usage snapshots, click [Snapshots]. Depending on your account’s resource usage, cPanel may display a list of processes and a list of database queries:
- In the calendar, select the date you want to view.
- In the Choose snapshot list box, you can select the snapshot for the specific time you want to view:
- To move to the previous snapshot, click the Previous snapshot. To move to the next snapshot, click Next snapshot.
Primary Reasons for These Above Errors:
Spamming: When spambots find an outdated CMS such as WordPress or a web form, massive simultaneous connections are opened to fill the website with spam advertisements. Since such comment spamming is automated, multiple simultaneous connections are opened from different IPs. This exhausts the “Entry Process limit” and renders the website inaccessible with 508 error.
Brute force hack attempts: A popular way to hack into a website is to guess the right admin login details. This process is called brute force. Attack bots try various combinations of username and passwords at a very high rate from different IPs in order to get admin access. During such attacks, the “Entry Process limit” is easily exhausted. Such attacks are characterized by a high number of connections to a single file, often lasting for only less than a second.
In both of these situations you can try to block related connecting IPs from cPanel > Site Management > Ip Deny Manager or you can install plugins such as WordPress ReCaptcha or WordPress Website Security to prevent these attacks.
Specific Component or Plugin: You can check with our support for assistance in identifying any extensions or processes that are acting as resource hogs. Sometimes, a specific plugin consumes lots of resources due to sloppy programming, and you’ll want to delete them or uninstall the plugin. If you need the features the extension provides, consider looking for a trusted replacement on the Joomla Extension Directory or WordPress repository; both of these resources are huge so you’re sure to find multiple alternatives for any plugin that you use; hopefully, one that let’s resource-intensive!
Hacked Website: You might think this is obvious, but many hackers don’t make a habit of leaving a trace. Instead, after hacking your site they’ll add a script that could generate false requests, ultimately wasting your resources on nothing or making the script-maker money. If you think the site is hacked you can open a ticket to our support and we can have it checked for you.
Sudden Increase Valid Website Traffic: Some websites achieve a sudden increase of valid traffic, usually during a marketing campaign or during festive seasons. In such situations, will need to consider upgrading your web hosting plan. Get in touch with our sales team and we’d be happy to point you in the right direction.