Sysadmin Nginx 100% use Cpu

Upgrading servers just to handle good bots isn't ideal as there's no guarantee the good search bots crawling your site means you get indexed in a search rank that provides any visitors to you anyway. Rate limiting (not blocking) good bots won't affect your search ranking unlike blocking the bot.

Also there's fake bots which disguise themselves by changing their user agent strings to pretend to be good bots too.

Also if they're legit bingbots, using bing webmaster tools for your site (like google webmaster tools), you can control bingbot's crawl rate Crawl Control - Bing Webmaster Tools. But if they're fake bingbots, such crawl rate control won't work and need rate limiting in place.

---

 

maybe you'd have to diagnose that unfortunately

no in Bing Webmaster Tools which you should sign up to like Google Webmaster Tools and add your domain/site profile for SEO analysis and crawl rate controls i.e. for my forums

Bing Webmaster Tools

 

heavy crawling from bingbot and google image bot crawlers seems to be most likely - that can be normal if legit you just need to change the crawl rates + rate limiting

can also be fake bots too

 

FYI, from my Sucuri stats 67% of all blocked attacks are from bad bots !

 

fail2ban + rate limiting is good. But external WAF like Cloudflare probably better for some attacks. But Cloudflare shouldn't slow down page download times when setup correctly, especially these days as Cloudflare has launched so many datacenters to cover every part of the world.

 

Google Crawl speed isn't fully indicative of page load speed globally around the world. Use Webpagetest.org to test page speed from several of the top visitor countries to your site https://community.centminmod.com/th...getest-org-for-page-load-speed-testing.13859/. Cloudflare setup is up to you but for asking other members about Cloudflare setup post a new thread in forum at https://community.centminmod.com/forums/domains-dns-email-ssl-certificates.44/

 

You have 4 cpu threads, so using one fully shouldn't be a problem though ? or was it causing problems/performance issues ?

what does ngxtop and logs say those connections are from and where they're directed to request/url wise Sysadmin - Nginx 100% use Cpu ?

 

Oh these are @upgrade81's servers not yours ? Using latest Nginx 1.15.5 ? CentOS 6 or 7 ? KVM/OpenVZ/Xen ?

You've PM'd me about this before ? Don't have any recollection heh. His Wordpress installs if installed via centmin.sh menu option 22 do they have additional rate limiting and workaround for Wordpress - Wordpress DOS Attack Flaw Security CVE-2018-6389 ?

 

Shouldn't matter as long as nginx and sites run fine with there's other nginx workers to handle the load. sounds like some of sort of slow DDOS like resource consuming attack like traffic patterns ???

same IPs ? you should inspect the traffic patterns to see where it's coming from and where it's being directed