Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I got an email from my hosting company telling me that there is a loading problem on my server , actually I am not a webmaster so I need your help if that is possible.
they said that :
IMPORTANT: Do not ignore this email.
This is cPanel stats runner on examle.com!
While processing the log files for user "example", the cpu has been
maxed out for more than a 6 hour period. The current load/uptime line on the server at the time of
this email is
18:19:49 up 129 days, 21:47, 0 users, load average: 4.20, 3.37, 3.16
You should check the server to see why the load is so high and take
steps to lower the load. If you want stats to continue to run even with a high load; Edit
/var/cpanel/cpanel.config and change extracpus to a number larger then 0 (run
/usr/local/cpanel/startup afterwards to pickup the changes).
I want to know is my server being attacked or it is a problem inside the server (website problem in loading)??
I hope you can help me on this it is an emergency .Thanks
Ahoy,
This email is sent out when the program that process website statistics, has worked on processing your website stats for over 6 hours. The stats the program is building are under the stats section of cPanel.
This can happen for a various reasons, However the most likely is that your server hosting your cPanel account is overloaded and the processing of your stats was paused while the server was overloaded for over 6 hours causing your stats not to run.
There are other causes for this error including if you use an awstats.conf file, this may be causing issues.
However this issue is something the server administrator will have to address since they need access to specific log files as will as to the server's root shell.
One remedy the server administrator could use is to change extracpus to a number larger then 0 in /var/cpanel/cpanel.config and then running /scripts/restartsrv_cpsrvd
If the above fails the server administrator will have to locate the issue from one of the following log files:
/usr/local/cpanel/logs/error_log
/usr/local/cpanel/logs/stats_log
A chart of cPanel Log Files and Config files can be found at the links below for further investigation.
http://go.cpanel.net/configposter
http://go.cpanel.net/logposter
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
Why postgres user generates over > 1000 processes of tracepath command?
And this uses a lot of CPU resources - up to 40% usage of my process core.
My application on ASP.NET Core 3.1 and PostgreSQL v10 server is on one VPS server.
Application using host 127.0.0.1 for connect to PostgreSQL server.
And what this command doing?
htop output:
UPD: 21.01.2010
I have detected a massive DDoS attack on my server. Attackers used root and other names that I don’t have.
I installed fail2ban and after 1-2 hours I saw this:
And count of bans is growing...
UPD: 22.01.2020
I have another problem: creating phantom process on postgresql username. It's using all my CPU and RAM...
I don't think you are under DDOS. You have been hacked, and maybe are now being used to commit DDOS against other people. They have dropped a shell launcher which lets them connect to postgresql and then call a function which launches any arbitrary shell script they want.
You said "Application using host 127.0.0.1 for connect to PostgreSQL server", but what is the attacker using? Is anyone other than 127.0.0.1 allowed to connect?
I am install fail2ban and after 1-2 hours i see this:
Any server open on port 22 and running fail2ban is going to build a list of banned IP. You didn't notice it before because you weren't running fail2ban before. It is unlikely this has anything to do with anything else you are seeing. Attacks on 22 are so ubiquitous that logging them is probably not useful.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I am not sure if this is really the problem but it seems that Windows 10 is automatically creating a new profile for me with the same credentials every time I restart my computer. I can still log on with my old credentials but some apps like Slack and Dropbox aren't there anymore and needs to be re-downloaded, MS Outlook is requiring me to set up my profile from start with nothing synced, etc. etc. It's treating me like a new user with each login. I am super frustrated.
Thanks.
There is not enough information for sure knowing what is happening. But from my previous experiences, I could assume that what you are seeing is, Windows login you into a temporary profile. This happens when there is something corrupted on your original profile, and windows log you into the last know working profile. After logout, nothing is saved.
Sometimes it is possible to recover the profile, but sometimes it could be impossible. Wherever is the case it is better backup anything that is possible in case that you need to delete and create a new one.
Google for windows temporary profile recovery as they are many techniques depending of the cause. Here are a couple of samples:
https://answers.microsoft.com/en-us/windows/forum/windows_7-security/you-have-been-logged-in-with-a-temporary-profile/20ed22a5-8338-4578-84bc-f0a8e77aa15d
https://winaero.com/blog/windows-10-youve-been-signed-in-with-a-temporary-profile/
I too have the same problem..This problem nos called Temporary Profile Login. You can just follow this YouTube Video Fix Temporary Profile Login Error in Windows 10
If you like reading go read this article FIX Temporary Profile on Windows 10
I hope I have answered this question.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 3 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
We are using gmail oAuth2 to send the mail from nodemailer and receiving below error -
{"code":"EENVELOPE","response":"421 4.7.0 Temporary System Problem.
Try again later (WS). e189-v6sm98ioe.0 -
gsmtp","responseCode":421,"command":"DATA"}
Out testing team by mistake run the automation test script and triggered a lot of mails simultaneously, I understand that might have blocked the mail's temporarily as the error suggest. I am interested to know how long this blockage will continue and what can one do to resolve it. At this point it is not possible for us to switch mail sending from gmail to some thing else.
I faced the same problem as I tried to pump several mails as part of load testing, nearly 100 mails in a minute. After sending 500 mails, Gmail started rejecting the connection with the same error.
The situation became normal after I introduced a think time of 1 second, limiting the outgoing mail at < 50 per min.
For me, Gmail was rejecting my mails only for a duration of 3 minutes.
It is a 24 hours lockout; however, sometimes it can be just temporary. Try reducing the amount of connections sent to be no more than 1 every other second.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
Currently for a company dedicated hosting server, there are a large amount of 403 errors being generated by the company IP for a specific website, while no one from the company is accessing that site. There are a large number of client sites, as well as a staging site hosted on this server, to which the hosting company locked out the company with the reason "a brute force attack was launched from IP address ... (the company IP)". Is there any way the IP could be used by an outside source, or would there be some software, malware, or general error that could be causing this? I'm far from a security expert, and at a loss while the hosting company is not able to give clear answers other than to offer to disable their "mod_security firewall".
Thanks!
You should be able to track on your companies firewall (outbound) what local machines are spamming this external server with requests.
The 403 is just a bi-product of a different problem - the spamming appears to be the root problem. 403 is showing because the request is likely to be malformed and not accepted by the hosted web server.
It is not possible to "steal" an IP when talking about TCP/IP so if the hosting provider detected that it is true.
If you have no firewall where to monitor that and the head of IT thinks does not think that getting one is a good idea..... Go to http://careers.stackoverflow.com/ and start looking for another.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I'm currently doing some database benchmarking on a virtual machine running Ubuntu 12.04. I've noticed that the second time I execute a query it runs significantly faster. This ist most likely due to the OS caching that just keeps all the data in main memory. To keep the cache from screwing up my measurements I thus want to clear it between subsequent runs.
I found the following commands to achieve this on the google:
sync;echo 3 > /proc/sys/vm/drop_caches
and
sysctl -w vm.drop_caches=3
which all yield in a permission denied error even when I'm logged in as root. It seems like it is just not possible to clear the system's cache from the guest system. I guess this is because it uses the hosts cache. As I don't have access to the host I have to find a workaround. Currently I have two ideas.
First idea is to reboot the machine between runs as this clears the cache. As I want to perform a couple dozen runs I really need to automate this. So I could put a program into autostart let it perform a query and reboot and continue with the next query on the next startup. Feels like writing a virus though.
Second idea is to just flood the memory with other data. As my machine has quite a bit of RAM i would e.g. generate some large file of random data an just read it into /dev/null.
So finally my question is, has anyone a better idea to clear the cache, or maybe avoid the usage of the cache all together? Or has anyone some suggestions on how to implement one of my two ideas easily?
Thank you very much in advance,
Antigo