• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

Question fail2ban-server and systemd-logind high cpu usage, log file auth.log 200Gb

B

bendim

New Pleskian
Server operating system version
Debian
Plesk version and microupdate number
18.0.48
Hello,
today i checked my grafana board and saw high cup usage and my 500Gb disk space was full.

htop shows fail2ban-server and systemd-logind 100% usage.
I searched for big files with the following command.
Bash: 
find / -type f -size +100M -exec du -h {} + 2>/dev/null | sort -r -h
259G    /var/log/auth.log
144G    /var/log/daemon.log
39G    /var/log/syslog.1
18G    /var/log/syslog

I stoped the fail2ban service temporarily to solve the problem.
Was my server hacked or is someone trying to hack it, or is it "only" a plesk problem.

Debian with Plesk Obsidian 18.0.48
 
Very similar to an attack on your server. I think it would be worth examining the fail2ban logs, for example, to get more details.
 
You must log in or register to reply here.

Similar threads

V
Resolved high CPU usage by 'sw-engine' with task 'ext-log-browser-parse-maillog'
Replies
16
Views
6K
wapin55
W
E
Issue Abnormal CPU usage and Apache crash
Replies
13
Views
8K
MartinT
M
Endre
Issue Server Error 500 Plesk\Exception\Database DB query failed: SQLSTATE[HY000] [2002] No such file or directory
Replies
15
Views
13K
MihaiNecreala
M
Denis Gomes Franco
Question Tracking down periodic high usage
Replies
13
Views
7K
Denis Gomes Franco
Denis Gomes Franco
V
High CPU usage for Fail2Ban
Replies
4
Views
4K
vincheesel
V
Back
Top