• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Slow Web Speed + occasional 524 timeout

S

Senatri

New Pleskian
Server operating system version
Ubuntu 20.04.6 LTS
Plesk version and microupdate number
18.0.54
Hello,

since today my website started to be unresponsive.
Every few requests the website takes forever to load (30+ sec). Sometimes it shows a CF 524 - timeout error after 30 or 60sec and then loads the website.
Sometimes it loads for 10-15 sec and after pressing F5 lets the website load instantly.

I changed nothing on the website, nor did I update Plesk or something else.

I noticed that before this issue happened, the Memory Usage dropped significantly, especially the MySQL memory usage halved. Nginx memory usage on the other hand 5x for a short period and is now tripled.


1692754989519.png
 
This situation can have many reasons.

One very common reason are attacks against a website. It will be best to start of checking your logs/access_ssl_log and logs/error_log files on your server for suspicious activity such as frequent visits of bad bots. You can exclude bad bots in a variety of ways from visiting your server or site, e.g. by a fail2ban jail, by Nginx settings or very simple .htaccess Apache rules. Apache is the most costly solution in terms of cpu time, but it is also the easiest to implement, for example this is a segment you could put on top of other rules in your .htaccess file. It is proven to block the most common trouble makers:
Code: 
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} (PetalBot|UptimeRobot|seocompany|LieBaoFast|SEOkicks|Uptimebot|Cliqzbot|ssearch_bot|domaincrawler|AhrefsBot|spot|DigExt|Sogou|MegaIndex.ru|majestic12|80legs|SISTRIX|HTTrack|Semrush|MJ12|MJ12|Ezooms|CCBot|TalkTalk|Ahrefs|BLEXBot) [NC] 
RewriteRule .* - [F]

It is also thinkable that some sources are checking your website for security holes. These checks can come from a variety of IPs. Maybe you can identify the most frequent visitors by running
awk '{ print $1}' access_ssl_log | sort | uniq -c | sort -nr | head -n 20
and then check in detail what these are doing. You could consider blocking visitor IPs that are bad for your server, e.g.
plesk bin ip_ban --ban <ip address of bad visitor>,recidive
 
You must log in or register to reply here.
Back
Top