PHP FPM CPU Over Usage, Need EXPERT Help

  • You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

  • Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

simplysexyboy

Active member
Trusted Uploader
Oct 24, 2020
247
174
43
32
U.S.A
easyecommerce.tools
Hey Guys,

I managin all my VPS on a regular action daily basis. Recently one of my VPS is facing PHP FPM CPU Issues. 1 Website 1 VPS placed. Website is Woocommerce.
My server application stack is :
  • Nginx (with HTTP/2 enabled) 1.18
  • PHP-FPM7.4
  • MariaDB 10.4
  • Redis 5.0
  • Git
  • Composer
  • WP-CLI
  • Certbot
  • UFW (firewall)
  • Fail2ban
All of them installing and managing by me on CLI. No Phpmyadmin or control panel ( cPanel, Plesk, etc.)

I'm a small business owner making online sales ( Dropshipping ), And I create one product, one store ( One Product Store ), and those stores. WOO only placed 1 VPS on AWS service t3. Small 2vCPU 2Gram1 website. So my stack and server setting tweak was working smoothly, but one of the new VPS ( Store ) because of the FastCGI checkout page caching excluding, now all the Request hitting to PHP FPM.
I Have enabled object cache Redis and also OPcache, but it is not helping so much. Every other request to the checkout page from landing page responding 7 seconds average and PHP FPM sucking all the server CPU.
I have checked PHP FPM logs and found out PHP FPM Workers not enough, and after that, I have tuned PHP FPM but still the same issues.
There are 2 options.

1. Nulled plugins making dynamic pages slowing down.
2.PHP FPM settings not configured correctly.
3.Server resource, not enough ( I have split tested with 8vcpu 16g ram still same issues )

[19-Feb-2021 14:41:22] NOTICE: ready to handle connections
[19-Feb-2021 14:41:22] NOTICE: systemd monitor interval set to 10000ms
[19-Feb-2021 14:42:06] WARNING: [pool domainname] server reached pm.max_children setting (6), consider raising it
[19-Feb-2021 14:43:16] WARNING: [pool domainname] server reached pm.max_children setting (6), consider raising it
[19-Feb-2021 14:44:28] WARNING: [pool domainname] server reached pm.max_children setting (6), consider raising it
[19-Feb-2021 14:44:45] WARNING: [pool domainname] server reached pm.max_children setting (6), consider raising it
[19-Feb-2021 14:48:32] NOTICE: Terminating ...
[19-Feb-2021 14:48:32] NOTICE: exiting, bye-bye!
[19-Feb-2021 14:49:03] NOTICE: fpm is running, pid 562
[19-Feb-2021 14:49:03] NOTICE: ready to handle connections
[19-Feb-2021 14:49:03] NOTICE: systemd monitor interval set to 10000ms
[19-Feb-2021 14:49:30] WARNING: [pool domainname] seems busy (you may need to increase pm.start_servers, or pm.min/max_spare_servers), spawning 8 children, there are 0 idle, and 5 total children
[19-Feb-2021 14:49:31] WARNING: [pool domainname] server reached pm.max_children setting (6), consider raising it


Is there anyone who is PHP FPM experts?
 

Attachments

DJJigsaw

Active member
Nov 10, 2020
224
91
28
From my experience, it has been bad for that extact reason that's why I am not using it. nginx is from what I had tested in the beta stages with cpanel pretty good. The only other thing I can say that helps to boost sites up is Cloudlinux, but that's a monthly cost. So minus PHP FPM, i'd say your fine.
 
  • Like
Reactions: simplysexyboy

slvrsteele

Well-known mod (NOT)
Staff member
Moderator
Null Master
Trusted Uploader
Nov 5, 2019
2,756
2,547
113
CDN
@simplysexyboy did you consider raising your server values from /pool.d/www.conf ?

Something like:

pm.max_children10
pm.start_servers4
pm.min_spare_servers2
pm.max_spare_servers6

Values are calculated based on your server specs and screenshots provided.
 
  • Like
Reactions: simplysexyboy

hellearth

Active member
Aug 19, 2020
147
55
28
I spent a terrible time with PHP FPM. website down with only about 20 active people...
I realize that Memcached & Redis are neither for a weak configuration server. Try Litespeed with CyberPanel or Ngix with the choice of Centmin, aapanel or WordOps that support WP Rocket which the great folks at babiato are giving for free.
You should test many things for your website system.
 
  • Like
Reactions: simplysexyboy

simplysexyboy

Active member
Trusted Uploader
Oct 24, 2020
247
174
43
32
U.S.A
easyecommerce.tools
Thanks, guys!
After 4 days, I solve the problem.
I have split tested with numerous times. I have done a load test for every single number of PHP FPM values. It takes 2 days :)))
So right now, I'm using those values for PHP FPM. But don't forget this is uniq for my server. As I told early, I have found every value one by one tested sending the HTTP requests with Apache Bench test.

pm = dynamic
pm.max_children = 5
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 1
pm.max_requests = 500

The key is the pm setting dynamic. If your site spikes any traffic, then it will automatically place new children accordingly.
 

simplysexyboy

Active member
Trusted Uploader
Oct 24, 2020
247
174
43
32
U.S.A
easyecommerce.tools
I had a terrible time with PHP FPM. Website down with only about 20 active people...
I realize that Memcached & Redis are neither for a weak configuration server. Try Litespeed with CyberPanel or Nginx with the choice of Centmin, a panel or WordOps that support WP Rocket which the great folks at Babita are giving for free.
You should test many things for your website system.
Thanks, mate,
I don't prefer to use the Control panel. It is making a slow down the server. Overkill.
During these 4 days :D, I have tested WordOps daemon with AWS same hardware and the same website.
It turns out my stack and configuration are much faster then WordOPS. I have also check the WordOPS PHP-FPM numbers. They put on demand, which is leaking memory resource Cpu too much
 

hellearth

Active member
Aug 19, 2020
147
55
28
Thanks, mate,
I don't prefer to use the Control panel. It is making a slow down the server. Overkill.
During these 4 days :D, I have tested WordOps daemon with AWS same hardware and the same website.
It turns out my stack and configuration are much faster then WordOPS. I have also check the WordOPS PHP-FPM numbers. They put on demand, which is leaking memory resource Cpu too much
Thanks for share experiences.
I like CentminMod for its speed. But it doesn't support the Memcache I need, Redis it's not for weakly configured servers. I'm not an expert, I use WordOps for a number of reasons and never use the console.
 
Last edited:

simplysexyboy

Active member
Trusted Uploader
Oct 24, 2020
247
174
43
32
U.S.A
easyecommerce.tools
Thanks for share experiences.
I like CentminMod for its speed. But it doesn't support the Memcache I need, Redis it's not for weakly configured servers. I'm not an expert, I use WordOps for a number of reasons and never use the console.
Redis is much better then Memcache and Memcached. It is not only for object cache also can be using full page cache. And it is actually faster then memcache and storing both 64bit string data memcache does not.
 
  • Like
Reactions: hellearth

hellearth

Active member
Aug 19, 2020
147
55
28
Redis is much better then Memcache and Memcached. It is not only for object cache also can be using full page cache. And it is actually faster then memcache and storing both 64bit string data memcache does not.
Server optimization is time consuming for amateurs. It also took me a month for this job to stop until there was a budget to upgrade a new server with new technology ...

Can you share a tutorial on how your server optimization is doing?
 

hellearth

Active member
Aug 19, 2020
147
55
28
I try configuring Rocket-nginx with centiminmod. It's a great idea but quite a hassle. WordOps rocket is a similar configuration and simply install it from the command line.
 

rakibulmuhajir

New member
Jul 3, 2020
6
5
3
i use plesk for management. but i see it keeps eating all the resources. if there was a tutorial or collection of commands to manage server. that'd be nice
 

simplysexyboy

Active member
Trusted Uploader
Oct 24, 2020
247
174
43
32
U.S.A
easyecommerce.tools
Sure men,

I go with app configuration. this is more important than installing app.
For APP installation please go to https://www.udemy.com/course/the-perfect-nginx-server-ubuntu-edition/learn/lecture/22737271?start=15 watch that tutorial. It is a perfect fit for everyone. I have bought this course but my upload speed is so slow, it takes freaking ages to upload conplated so still didn't upload and share with babiatos. Will do in future.

Anyway For configuration it is perfect for 2vcpu 2gram those settings.



For WP configurations.
/* Memory */
define( 'WP_MEMORY_LIMIT', '256M' );

/* Undertstand which query */
define('SAVEQUERIES', true);

/* Disable WP Cron */
define( 'DISABLE_WP_CRON', true );

/* Auto Update */
define( 'WP_AUTO_UPDATE_CORE', false );

/* Debuging */
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_DISPLAY', false );
define( 'WP_DEBUG_LOG', true );

/* Dont Allow File Edit */
define( 'DISALLOW_FILE_EDIT', true );

Bash script for easy command recall

alias ngt='sudo nginx -t'
alias ngr='sudo systemctl reload nginx'
alias fpmr='sudo systemctl reload php7.4-fpm'
alias rr='sudo systemctl restart redis'
alias mdr='sudo systemctl restart mariadb'
alias upt='sudo apt update'
alias upg='sudo apt upgrade'
alias rb='sudo reboot'

run this source ~/.bashrc


Cache excluding
wp-.*.php
/feed/
index.php
sitemap(_index)?.xml
wp-comments-popup.php
wp-links-opml.php
wp-locations.php
/cart.*
/basket.*
/checkout.*
/my-account.*
/offer.*
/order-received.*
/.well-know.*
/store.*
/addons.*

do this
First Things to do 1
=====
Install this package
sudo apt update
sudo apt upgrade -y
sudo apt install nginx libnginx-mod-http-headers-more-filter -y


==== After finish website your website calculate your PHP files and use that website to add prime number and then add to opcache
"cd /sites/domainname?/files/
find . -type f -print | grep php | wc -l
CLOSEST PRIME NUMBER

=====
Second thing to do 2.
Comment ON access log from domain level nginx conf
add to error_log down
location = /favicon.ico { access_log off; log_not_found off; }

i have added enclosed post NGINX, MARIADB, REDIS, PHP configuration files.
This settings are best of the best for nginx php7.4 redis and mariadb10.
it is far more then fast easyengine wordops and other software.
 

Attachments

simplysexyboy

Active member
Trusted Uploader
Oct 24, 2020
247
174
43
32
U.S.A
easyecommerce.tools
WP Security nginx directives.

Add this conf file to your /etc/nginx/sites-available/domainanme/createanewdirectiory/
Create new directory and ad this file to there. This is blocking all the bad agents from scanning your WP.

block-agent.conf


###
# BLOCK USER AGENTS
###

set $block_user_agents 0;

if ($http_user_agent ~ "Screaming Frog SEO Spider") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Indy Library") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "libwww-perl") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GetRight") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GetWeb!") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Go!Zilla") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Download Demon") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Go-Ahead-Got-It") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "TurnitinBot") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GrabNet") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "dirbuster") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "nikto") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "SF") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "sqlmap") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "fimap") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "nessus") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "whatweb") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Openvas") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "jbrofuzz") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "libwhisker") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "webshag") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Acunetix-Product") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Acunetix") {
set $block_user_agents 1;
}
if ($block_user_agents = 1) {
return 403;
}



This is for directory protection. same as place before i mention.
/etc/nginx/sites-available/getflawlessclean.com/server
extra-directory-protection.conf

###
# Extra Directory and file protection
###

location = /wp-admin/install.php { deny all; access_log off; }
location ~* /readme\.html$ { deny all; access_log off; }
location ~* /readme\.txt$ { deny all; access_log off; }
location ~* /licence\.txt$ { deny all; access_log off; }
location ~* /license\.txt$ { deny all; access_log off; }
location = /wp-config.php { deny all; access_log off; }
location ~ ^/wp-admin/includes/ { deny all; access_log off; }
location ~ ^/wp-includes/[^/]+\.php$ { deny all; access_log off; }
location ~ ^/wp-includes/js/tinymce/langs/.+\.php$ { deny all; access_log off; }
location ~ ^/wp-includes/theme-compat/ { deny all; access_log off; }

wp-login.php rate llimit.
/etc/nginx/sites-available/getflawlessclean.com/server

put in server

###
# Rate Limit for wp-login.php
###
location = /wp-login.php {
limit_req zone=one burst=2 nodelay;
limit_req_status 444;
include fastcgi.conf;
fastcgi_pass unix:/run/php/php7.4-getflawlessclean.sock;
}
 

rachidjunk

Active member
Nov 15, 2020
132
64
28
WP Security nginx directives.

Add this conf file to your /etc/nginx/sites-available/domainanme/createanewdirectiory/
Create new directory and ad this file to there. This is blocking all the bad agents from scanning your WP.

block-agent.conf


###
# BLOCK USER AGENTS
###

set $block_user_agents 0;

if ($http_user_agent ~ "Screaming Frog SEO Spider") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Indy Library") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "libwww-perl") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GetRight") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GetWeb!") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Go!Zilla") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Download Demon") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Go-Ahead-Got-It") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "TurnitinBot") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "GrabNet") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "dirbuster") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "nikto") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "SF") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "sqlmap") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "fimap") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "nessus") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "whatweb") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Openvas") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "jbrofuzz") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "libwhisker") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "webshag") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Acunetix-Product") {
set $block_user_agents 1;
}
if ($http_user_agent ~ "Acunetix") {
set $block_user_agents 1;
}
if ($block_user_agents = 1) {
return 403;
}



This is for directory protection. same as place before i mention.
/etc/nginx/sites-available/getflawlessclean.com/server
extra-directory-protection.conf

###
# Extra Directory and file protection
###

location = /wp-admin/install.php { deny all; access_log off; }
location ~* /readme\.html$ { deny all; access_log off; }
location ~* /readme\.txt$ { deny all; access_log off; }
location ~* /licence\.txt$ { deny all; access_log off; }
location ~* /license\.txt$ { deny all; access_log off; }
location = /wp-config.php { deny all; access_log off; }
location ~ ^/wp-admin/includes/ { deny all; access_log off; }
location ~ ^/wp-includes/[^/]+\.php$ { deny all; access_log off; }
location ~ ^/wp-includes/js/tinymce/langs/.+\.php$ { deny all; access_log off; }
location ~ ^/wp-includes/theme-compat/ { deny all; access_log off; }

wp-login.php rate llimit.
/etc/nginx/sites-available/getflawlessclean.com/server

put in server

###
# Rate Limit for wp-login.php
###
location = /wp-login.php {
limit_req zone=one burst=2 nodelay;
limit_req_status 444;
include fastcgi.conf;
fastcgi_pass unix:/run/php/php7.4-getflawlessclean.sock;
}
Thanks @simplysexyboy
This kind of high-quality information sharing is really huge and helps a lot!
 

Forum statistics

Threads
38,865
Messages
401,988
Members
109,526
Latest member
waseemaofficial