How To Troubleshoot PHP Errors, php errors in your php error log

Home Forums BulletProof Security Pro How To Troubleshoot PHP Errors, php errors in your php error log

Viewing 15 posts - 61 through 75 (of 238 total)
  • Author
    Posts
  • #10591
    jena
    Participant

    As they have mentioned:
    At around 2:02 on the 7th i noticed your memory levels drop very low, the cause of this was due to many wp-cron.php scripts being ran, i have shown these below. Each one of these was using up around 70-90M of memory, which caused the server to start killing off processes. I recommend moving up a VPS level, reducing memory usage of your PHP scripts or disabling wp-cron.

    Does bps has AutoRestore Cron only or other cron also works? May be the cron increases resource usage that kills processes.

    #10592
    AITpro Admin
    Keymaster

    The AutoRestore Cron runs all day long from morning to night – every 15 minutes.  If the problem was the AutoRestore Cron then it would not be occurring only at 2:02 and would instead be a constant problem.

    The AutoRestore Cron and AutoRestore itself use barely any memory/resources at all.  We designed AutoRestore with performance/speed in mind.  We threw away a lot of code for about 6 months until we acheived all goals – maximum website speed performance and 100% accuracy.

    So to sum up everything – AutoRestore is not the root cause of this issue.  What I do know from logging into your sites and your site architecture and how you are using it is this – your websites will continue to degrade/get slower as you add more sites.  You should take the advice of the Host Support person because I believe that he/she is absolutely correct in his/her assessment.  If your site is showing signs of resources being maxed out now the problem will only continue to get worse as you add more and more Network/Multisite subsites for your customers.  For what you are doing with your Network/Multisite architecture you should have VPS or Dedicated hosting.

    #10876
    Krzysztof
    Participant

    Hello,
    sometimes I get a php error pop up but when i click the clik here link the log is empty.

    #10884
    AITpro Admin
    Keymaster

    Do you see any php errors in your php error log?  Or is your php error log always empty / blank?

    #11498
    jena
    Participant

    We have now upgraded vps. The new disk space is 165G

    Used 56G
    Available 110G
    Percent Used 34%
    But still get the server gone away errors.

    #11502
    AITpro Admin
    Keymaster

    Please ask your web host to assist you.  php errors are not specific to or caused by BPS Pro and are general errors that BPS Pro logs.  php errors can be caused by coding mistakes in other plugins or themes or Server side issues.

    #11630
    jena
    Participant

    here is the latest reply I got-

    Our diagnostic tools do not scan for corrupt scripts, but instead log various system activities. The most recent errors I found on your server occurred at 09:05 this morning, and were caused by the system running out of memory. Unfortunately, this was due to someone scanning for install scripts for CMS systems and utilities that don’t exist on your server. They scanned for at least 45 different install scripts at the same time, resulting in a large number of MySQL queries and PHP processes stacking up. Here is a list of remote IPs viewing pages at 09:05 this morning:

    45 202.133.61.26 2 192.254.200.222 1 66.249.74.202 1 54.235.131.172 1 192.254.200.225 1 192.254.200.224 1 188.143.232.111

    As you can see, the first IP is the one that was scanning your server. In this case, making changes to the MySQL timeout would not help (this can be changed in /etc/my.cnf), and upgrading would likely not help either (they’d just be able to load a few more pages before causing a problem). A more efficient solution may be to create a static 404 error page and use that on your sites: https://support.hostgator.com/articles/cpanel/custom-error-pages This will prevent all of the PHP processes and MySQL calls from happening when someone scans for files that don’t exist. I did go ahead and implement a more optimized MySQL configuration for you though.

    So this is surely due to the attacks by bots etc. How to reduce/prevent these spam attacks through bps?

    #11636
    AITpro Admin
    Keymaster

    Disregard my last post.  I actually do not think that 404 errors could be causing the problem.  Maybe excessive scanning of your website could cause the problem?  I think the root cause of this issue is not what was stated above and is actually still related to excessive MySQL queries somewhere (plugin, theme) on your website.  What I recommend you do is hire a website developer or coder to figure out what the root of the problem is.  We no longer offer any other services besides BPS Pro support.

    #11664
    jena
    Participant

    Yes the excessive scanning could be due to attacks by hackers,spam bots. Today I found these kind of requests in security log in all multisites. So how to prevent this excessive usage by hackers?

    REQUEST_URI: /wp-admin/images/wordpress-logo.svg
    and access to login pages
    HTTP_REFERER: http://findhopetoday.com/wp-login.php
    REQUEST_URI: /wp-login.php
    #11668
    AITpro Admin
    Keymaster

    You can use this Brute Force Login page protection code below and follow the instructions in the link below for how to add the code to BPS Pro Custom Code. And enable JTC Anti-Spam, which adds Brute Force Login page protection.  BPS Pro Login Security also adds Brute Force Login protection.

    http://forum.ait-pro.com/forums/topic/protect-login-page-from-brute-force-login-attacks/

    # BRUTE FORCE LOGIN PAGE PROTECTION
    # Protects the Login page from SpamBots & Proxies
    # that use Server Protocol HTTP/1.0 or a blank User Agent
    RewriteCond %{REQUEST_URI} ^(/wp-login\.php|.*wp-login\.php.*)$
    RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
    RewriteCond %{THE_REQUEST} HTTP/1\.0$ [OR]
    RewriteCond %{SERVER_PROTOCOL} HTTP/1\.0$
    RewriteRule ^(.*)$ - [F,L]
    #11670
    jena
    Participant

    This code is already added.

    #11673
    AITpro Admin
    Keymaster

    Ok then your site is already protected.  Log entries in your Security log are hackers and spammers that are already being blocked.  You do not need to do anything else when they are already being blocked.  The Security log also logs HTTP errors for troubleshooting legitimate things that BPS Pro may be blocking, but most of what is logged in your Security Log file is blocked hackers, spammers, scrapers, miners, etc etc etc.

    #11674
    AITpro Admin
    Keymaster

    I doubt very seriously that the origin / source of the problem is hacker scanner or probes on your website.  Our sites get around 500,000 scans / probes per month and they do not slow down or cause slowness or any other problems for our sites.  The original issue on your sites is excessive MySQL queries so that is what you should be looking at / into.  I recommend that you hire someone for a day to look over your site and find the root cause / origin / source of the real problem.

    #11819
    jena
    Participant

    Here another reply I got from hostgator

    “What Rob was trying to explain is that configuring a custom 404 page would preempt WordPress and bypass PHP processing. Unfortunately, this would not work, since a properly configured WordPress site uses mod_rewrite nonexistent directories to index.php, which is then responsible for determining if a page exists or not. Raising execution time is possible, however this may actually make the problem worse because it would allow more PHP scripts to run simultaneously, which will use even more memory. One thing we can try is to disable wp-cron and then create a proper cron job set to execute every 15 minutes instead of on every page load. This should reduce the load on your server. Please let us know if you’d like us to make this change for you”

    Bullet proof ARQ cron is set to run each 15 minutes on all multisites/networks.
    is there any other cron runs by bullet proof?
    What the support specified above can be done?

    #11822
    AITpro Admin
    Keymaster

    If they choose to disable wp-cron then you might as well not use AutoRestore/Quarantine and just turn it Off.  It will not work in the way that they are proposing.  BPS Pro is performance optimized.  The cron may fire more frequently than every 15 minutes, but what this triggers is Directory Iterators and that is all.  BPS Pro is specially designed not to cause performance problems.  To someone who does not understand what BPS Pro is actually doing then they will assume things that are not correct – this happens all the time.  On the surface the BPS Pro wp-cron issue looks like a possible cause of a problem, but it is not and never has been or never will be the cause of this type of problem.

    I’m going to point this fact out again – 1,000’s of BPS Pro users are using AutoRestore/Quarantine on 1,000’s of web hosts Worldwide and they are not experiencing the problems that you are experiencing on your website – it is not BPS Pro that is causing these problems directly.  It is possible that some other plugin is malfunctioning and involving BPS Pro in that problem, but BPS Pro is not the root cause of the issues you are experiencing on your website.

    If you would like to test to see if their theory is correct then turn Off AutoRestore for a day or so.

    There are 100’s of websites that are using BPS Pro on HostGator web hosting and none of them are experiencing the problems that are occurring on your website.  Our HostGator testing website hosted on HostGator is not experiencing these problems.

Viewing 15 posts - 61 through 75 (of 238 total)
  • You must be logged in to reply to this topic.