All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Sudden High CPU Usage and Website Timeouts on RackNerd Shared Hosting – Seeking Advice
shajeeafzal
Member
Hello everyone,
I'm currently hosting several small WordPress websites (mostly simple, 4–5 pages each) on RackNerd's shared hosting plan, which I've been using for the past two years. A few days ago, I began receiving repeated timeout notifications from monitoring services like HetrixTools and Pulsetic. Initially, I thought these were temporary issues, but the problem persisted. Upon further inspection, all my websites are experiencing slow loading times and frequently showing Cloudflare’s "Web server is returning an unknown error" message. I also noticed websites not using Cloudflare CDN are similarly affected, ruling out a Cloudflare-specific issue.
After reaching out to RackNerd's support team, they indicated that there were no known issues or resource over-utilization at the server level. However, they mentioned that my cPanel account is hitting its resource limits, specifically noting CPU utilization spikes up to 37% whenever any of my sites are loaded.
The confusing part is that I haven't recently updated, modified, or added any new content or websites. All my WordPress installations are fully updated, and I’ve even cleaned up unused sites and data from the cPanel account to reduce potential resource usage—unfortunately, this hasn't resulted in any improvement. Additionally, prior to this incident, my sites consistently scored well on Google PageSpeed Insights (90+ desktop, 80+ mobile), indicating generally optimized performance.
Traffic analysis shows no unusual spikes or patterns—traffic levels are actually minimal, so high resource utilization due to traffic is unlikely.
RackNerd insists the issue isn't on their end. Apart from migrating to another hosting provider, I'm not sure what else I can do. I've already upgraded my cPanel account RAM from 1GB to 2GB, but this hasn't helped.
Has anyone encountered something similar, or could you recommend any additional troubleshooting steps I might have overlooked? Any advice would be greatly appreciated.
Thank you!
Comments
HetrixTools Stats for one of the sites:
Noisy neighbours with lots of sisters most likely
This is maybe your mistake. WordPress need constant maintenance and updates.
Things that always made my WordPress site have a high load:
Try to disable XMLRPC and change login URL.
Did you check logs, anything suspicious? how hard is it for you to redo your installation? Might be an option.
also:
Hi @shajeeafzal -- Thank You for placing an order with RackNerd 👊 We sincerely value your business and look forward to growing with you.
We've gone ahead and doubled your cpu usage successfully.
I meant I haven't changed any themes, added plugins or added new websites. All of my websites have their WordPress updated along with all the plugins.
XMLRPC is disabled on all sites however, the login URL is indeed default. But I have security plugins that ban IPs on 3 wrong tries and shoots me a notification email. I haven't received any such notifications. So I don't think anyone is bruteforcing these sites.
But again, 2 years of hosting and these timeouts starts 3 days ago. Couldn't be due to this.
Have you manually checked and omitted each of the 10,000 badly coded Wordpress plugins you have installed?
I don't install unnecessary and uncommon plugins on my sites. Just bare minimum and most of the sites have below 10 plugins.
Except the ones that have 10,000.
AI posts aren't allowed on LET: https://lowendtalk.com/discussion/192140/humans-only-please/p1
(yes, I have reported such posts, but often they don't seem to get removed for some reason)
My guess is your site got hacked and your hosting is being used to something shady.
Do a Wordfence scan and see if there's anything shady
I do weekly backups. Every now and then I see random stuff and reset my server and reload Wordpress. Change security keys and sudo user etc to be safe.
It’s prob just the Automattic stealing quietly to attack WP Engine and deny involvement.
This post wishes AI was this good.