Nginx

來自一個站點的持續高 CPU 使用率

  • March 17, 2017

我在 DigitalOcean 有一台伺服器,它主要用於執行幾個低流量的 WP 站點,並且 90% 的站點執行良好。**但!**其中一個站點不斷有 5-20 個(取決於我將最大孩子放在什麼位置),並且每個程序都在消耗 5%-20% 的 CPU,如此處所示。它每天都保持這種狀態,但我懷疑他們的活躍使用者越多,情況就會越糟。

重新啟動 php-fpm 或任何其他服務都無濟於事 - 我查看了日誌,我真的找不到任何我認為會導致此問題的東西。

我對整個伺服器的事情還是很陌生,我不得不說我不太確定是什麼原因造成的。但是,如果有人能指出我正確的方向,我將不勝感激!

一點資訊:

DigitalOcean Droplet (4gb ram, 2 CPUs)
CentOS 7.3.1611 x64
nginx / php-fpm
Running WP sites (6-7 sites)

PHP-fpm.conf

listen = 127.0.0.1:9001
listen.allowed_clients = 127.0.0.1

user = int
group = int

pm = dynamic
pm.max_children = 10
pm.start_servers = 3
pm.min_spare_servers = 2
pm.max_spare_servers = 10
pm.max_requests = 300

env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

Nginx.conf:

limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:40m;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:40m rate=20r/s;

server {
listen      114.242.22.180:80;
server_name int www.int;
root        /home/int/web/int/public_html;
index       index.php index.html index.htm;
access_log  /var/log/nginx/domains/int.log combined;
access_log  /var/log/nginx/domains/int.bytes bytes;
error_log   /var/log/nginx/domains/int.error.log error;


limit_conn conn_limit_per_ip 40;
limit_req zone=req_limit_per_ip burst=40 nodelay;

location = /wp-login.php {
   allow xxx.xxx.xxx.xxx;
   deny all;
}


location = /favicon.ico {
   log_not_found off;
   access_log off;
}

location = /robots.txt {
   allow all;
   log_not_found off;
   access_log off;
}

location / {
       index index.php index.html index.htm;
   try_files $uri $uri/ /index.php?$args;
   location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
       expires     max;
   }

    location ~ ^(.+\.php)(.*)$ {
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       if (!-f $document_root$fastcgi_script_name) {
           return  404;
       }
   fastcgi_split_path_info  ^(.+\.php)(.*)$;
       fastcgi_pass    127.0.0.1:9001;
       fastcgi_index   index.php;
       include         /etc/nginx/fastcgi_params;
   }
}

error_page  403 /error/404.html;
error_page  404 /error/404.html;
error_page  500 502 503 504 /error/50x.html;

location /error/ {
   alias   /home/int/web/int/document_errors/;
}

location ~* "/\.(htaccess|htpasswd)$" {
   deny    all;
   return  404;
}

location /vstats/ {
   alias   /home/int/web/int/stats/;
   include /home/int/web/int/stats/auth.conf*;
}

include     /etc/nginx/conf.d/phpmyadmin.inc*;
include     /etc/nginx/conf.d/phppgadmin.inc*;
include     /etc/nginx/conf.d/webmail.inc*;

include     /home/int/conf/web/nginx.int.conf*;
}

我們可以看到 CPU 正在被使用,但是哪個程序正在使用它呢?PHP-FPM?MySQL?Nginx?您多久從 NginX 獲取 access.log 文件中的日誌?不是恆定的嗎?如果它是恆定的,那麼您可能會受到 DDoS 攻擊。

如果以上都是:是 Cloudflare 或 Fail2Ban 是必需的(forme,我兩者都有)

引用自:https://serverfault.com/questions/835413