Long time update. Not sure if this is still relevant, but after applying the above I'm getting this error:
sh: /usr/local/directadmin/scripts/custom/all_post.sh: Permission denied
Trying to limit access to phpmyadmin except myself because I'm seeing a lot of traffic...
Found out a searchbot AspiegelBot was hammering the site relentlessly.
Blocked its entire IP range and things look normal again. Rookie oversight by me.
Thanks all for the help and Zhenyapan for showing me 'the light'... ;)
User "amerikaa" is a site with just very quiet phpBB-forum.
Although the forumsoftware is a bit outdated, I did notice there were only 2 users only and about 300 'guests' online and causing the load.
Tried to change and turn-off some forum-settings like Gzip-compression and some search functions...
Thanks for the replies.
The top-command shows mysql is heavily used (as usually on the server), and thinking about it some more this could lead to the high load alone perhaps.
Pretty much all sites/accounts on the VPS are under my control and most of them are fairly 'stationary'...
I'm experiencing a steadily increasing CPU and Network-load over the past year and I think maybe even longer before.
My VPS has 2 cpu's but the load according to the VPS-hoster is on average around 90%, so 1 CPU is almost fully busy. I think that's way too much for the number of accounts (60)...
What I don't get with the CSF/BFM combo is that a legimate user has only exactly say 3 tries to login before he's blocked, while just about every botnet-IP can still hammer away at a WP-site multiple times a second, for a number of minutes.
That's a nice start.
(But how many existing admins ever visit the main website of DirectAdmin anymore?)
I would perhaps suggest to add something like a 'browse repository'-option to DA's existing Plugin Manager-page itself;
I took the idea from projects like Wordpress and phpBB-forums, but php is easier to check perhaps.
Maybe a week or 2 testing 'in quarantine' and checking the plugin's behavior or in/output could provide a reasonable safety check for the repository.
If, by any chance, a plugin starts acting up...
I currently think 'any' available and/or useful plugins for DirectAdmin are now simply "invisible", unless you really go looking for some through search engines.
I know this would be a big thing to build and/or safely incorporate into DA, but, how about creating a dedicated DA Plugin Repository...
Just got a similar warning-message:
Latest version of Exim: 220.127.116.11
Installed version of Exim: 18.104.22.168
s-nail: Warning: $LOGNAME (admin) not identical to user (root)!
s-nail: Warning: $USER (admin) not identical to user (root)!
Latest version of s-nail: 14.9.16
Installed version of s-nail...
So I guess a 'CTRL-Z' back to the former CPanel-setup is out of order at this point then? ;)
As for the account creation, I'm sure you're able to enable the debug-mode and see what's holding everything up.
Does the same happen on a fresh test-server with only say, 1, 10 or 100 installed...
Why do you presume your website is good and the 'servers' are slow?
If GoDaddy only had slow servers I doubt they would have much customers after a while.
Check your own site first. Plenty of tools available for that online to find out what exactly is slowing everything down.