• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved Perfomance issues, timeouts for single subscriber - out of the blue

seqoi

Regular Pleskian
Yeah this seems interesting.

So i have like 41 subscribers, and 41 domains on web admin edition.

All is working fine from start, all others are working fine but..out of the blue one specific subscriber as of today is having problems. Like 504 gateway timeouts...I know for a fact that subscriber did not changed or installed anything because....

that subscriber with timeout problems is...ME.

So out of the blue (i did not installed anything nor did i updated anything on my wordpress) i have timeout problems
(
504 Gateway Time-out
nginx)

with my own wordpress website. I already tried disabling all plugins, i already tried every trick in the book. Mind you wordpress auto updates are turned off, there was no update or change in the filesystem whatsoever. No plugin updated itself. Just as of today that specific subscription is having problems.

Everyone else on their own subscription is working like a charm. No problem whatsoever.

I tried to switch from php 7 from FastCGI to FPM and that seems to solve problem for 3 minutes then all everything again. gateway timeout. If i hit refresh after 30 seconds website is there. If i hit again after 30 seconds again timeout error. I am looking at error log files in my subscription folder but can't understand what is problem.

I don't get it how is possible that all of a sudden i have a problem while NOTHING was changed.


running
Plesk Onyx
Version 17.5.3 Update #46 - latest patches. Server usage is fluctuating around 40% like usually does.

i am thinking on upgrading 17.8.11 if that will solve my problems.


Any specific log i can look into?
 
Last edited:
This is example found in error log

[Wed May 02 13:17:38.580359 2018] [fcgid:warn] [pid 19280:tid 140575353272064] [client xxx.217.235.xx:43190] mod_fcgid: read data timeout in 120 seconds
[Wed May 02 13:17:38.580493 2018] [core:error] [pid 19280:tid 140575353272064] [client xxx.217.235.xx:43190] End of script output before headers: index.php


I already tried

Website shows 500 internal server error on Plesk: mod_fcgid: read data timeout

But that just prolong delay error and does not fix anything

So basically i am getting timeout...then 20 seconds later i hit refresh and website is there...then 20 sec later again timeout...and going back again..
 
From Apache error log found in var/log/httpd/

[Wed May 02 13:25:28.941622 2018] [fcgid:warn] [pid 19249:tid 140575860799616] mod_fcgid: process 20838 graceful kill fail, sending SIGKILL
 
Well i wanted to report that i "fixed" this on my own. It turned out that a customer to which i provided and opened wordpress installation/folder on my subscription - uploaded a virus on to my server via his wordpress installation and virus was eating all my resources. Apparently he downloaded a wordpress plugin from warez website and worst of all they where under impression this is free and safe to use (yeah right).

I was able to pinpoint it on my own because i was looking at function.php on my website and found a code which was not mine. After investigation and google i did found this info WordPress WP-VCD malware attack — Solution – Rakshit Shah – Medium - virus in my system was a bit more advanced but i tracked it down and removed it.

Wordfence was not installed on their wordpress installation because it was "development" instance. Lesson learned. I am seeing this as my own fault not their. Even though they downloaded warez because they are not experienced that much (they just accepted googled result) and uploaded on to my server, which was then spreading in my subscription - i am the one responsible for not doing my security tasks.

Another good thing - i updated to Plesk 17.8 without any issue. This is so much cooler environment!
 
Back
Top