0

My host (hostgator) has shut down my websites for what they say is CPU overusage. I'm using wordpress. I've added nothing new, but in their logs I see that there are hundreds of requests for various forms of apple-touch-icon.png.

Example: 

107.182.226.209 mywebsite.com   /apple-touch-icon-120x120.png
107.182.226.209 mywebsite.com   /apple-touch-icon-120x120.png
107.182.226.209 mywebsite.com   /apple-touch-icon.png
107.182.226.209 mywebsite.com   /apple-touch-icon.png
107.72.164.117  mywebsite.com   /apple-touch-icon.png
107.72.164.117  mywebsite.com   /apple-touch-icon.png
107.72.164.27   mywebsite.com   /apple-touch-icon.png
107.72.164.27   mywebsite.com   /apple-touch-icon.png
107.77.169.5    mywebsite.com   /apple-touch-icon-120x120-precomposed.png
107.77.169.5    mywebsite.com   /apple-touch-icon-120x120-precomposed.png
107.77.169.5    mywebsite.com   /apple-touch-icon.png
107.77.169.5    mywebsite.com   /apple-touch-icon.png

Can someone please tell me how to fix this? They say they will not re-enable my hosting until it is resolved and offer no help.

John Morgan
  • 47
  • 1
  • 1
  • 4
  • There's nothing to fix? Certain un-named devices will check for certain files whenever they make a request. Think of it like a favicon for branded devices. – Jonnix Mar 27 '17 at 09:33
  • Hostgator is saying that i've been "abusing CPU resources for an extended period of time" "CPU Seconds used in the past hour: 2851.8, 80% CPU". It has a printout of the issue and there is basically 200 reqests for the apple-touch-icon.png as shown above. I have made no alterations to this site and there has been no updates for months. I am assuming these hundreds of requests for this apple-touch-icon is the cause. I am wondering how I can fix it? – John Morgan Mar 27 '17 at 09:44
  • With just that log to go by, there's nothing we can really say. Is PHP having to spawn when apple-touch* is requested (which it shouldn't)? Even if this was happening a couple of hundred times an house (which does seem odd if it's a low traffic site) I wouldn't expect it to generate much CPU usage at all. Have you actually checked the code to make sure nothing has been changed by a third party? – Jonnix Mar 27 '17 at 09:58
  • Unfortunately, I am not savvy in the slightest when it comes to debugging code. Really, I know close to nothing about server maintenance, php, etc. The site is high traffic -- about 200k visitors per month. Although this is the first cpu usage I've been shutdown for in 3 years. I do not think the site has been changed, wordpress and plugins auto updates have been turned off. – John Morgan Mar 27 '17 at 10:07
  • My only suggestion then is to contract somebody to come and work it out for you in that case. The other alternative I can think of is to move hosting provider, but then if you don't know what's causing the problem, that may not help. – Jonnix Mar 27 '17 at 10:09
  • The hosting person, who knew nothing about it, said the "image" was too large and couldn't be resized properly. I just read about apple-touch-icon; is it possible that there is an error/loop effect/request hammering that occurs when no icon is set, where it tries to resize a screenshot of the entire webpage, and this is causing the issue of cpu overage/many requests? I have added two 100x100 image files of apple-touch-icon.png & apple-touch-icon-precomposed.png to the websites root directory. No idea if this will correct the issue though... – John Morgan Mar 27 '17 at 10:20

2 Answers2

0

This may be an attempt at a brute force attack at your website, given the number of requests and the fact your hosting provider shut down your site for cpu usage. I have websites with wordpress and have seen requests for these files even though they didn't exist. This may indicate that what Jon Stirling said about devices checking for certain files may be correct and it may not be a security issue.

If you want to make sure your website doesn't get shut down for traffic issues, I would recommend the Wordfence Security plugin. Even in the free version, it will block ip's for too many bad login attempts, throttle ip's for accessing the site too often, and it has its own firewall and security scanning tools. It can alert you when there is a security issue on your website.

Michael Ryan
  • 1
  • 1
0

"Hundreds of requests" should not result in your host shutting down your website.

Having said that, if you are using WordPress or Joomla (or any other major CMS), then any hit to a 404 file will result in the whole CMS being loaded. Here's the what happens: if a browser requests a file, then the web server will search for that file in the filesystem, if it can't find it, then it will give control the CMS (through an .htaccess rule) so that the latter can determine what to do with that request. In most cases, the CMS will also return a 404, but only after loading the whole CMS environment. Imagine what would happen when a many 404 requests are simultaneously made to the server (note: we discussed this issue here), that's why it is always a good idea to monitor your 404 errors, and act upon them.

itoctopus
  • 4,133
  • 4
  • 32
  • 44