Fix for High CPU Usage on Siteground

I host(ed) several WordPress sites on Siteground. All of them are low-traffic sites and use between 40 and 1000 CPU seconds per day — nothing to brag about. So I was surprised the other day when I got an email from Siteground saying they were taking all of the sites offline because I had gone over my monthly quota for CPU seconds. I had to pay money to upgrade my account to keep the sites online.

I looked at the logs, and I did see that one of the sites was using around 100,000 CPU seconds per day. It’s not a well-known site, and it is a contest website that isn’t even running the contest right now. My first thought was that it must be the website’s podcast that I started recently, and that it was so popular that thousands of people were streaming my mp3 files which were hosted on the site. So I offloaded the media files to a proxied Amazon S3 bucket, and hoped that would solve the problem. It did not.

The MailPoet Cron Job Was the Problem

So I combed through the access logs, and I found that the problem was the MailPoet cron job. Mailpoet is an email newsletter system for WordPress that integrates very well with WooCommerce and the WordPress system as a whole.

There is a recommended setting in MailPoet to run their PHP cron job every time there is a visitor to the site.LWlA6V7AAAAAElFTkSuQmCC

I use this setting on another website too, and I haven’t ever had any problems with this.

Google Bot Caused the Cron Job Attack

The log files looked something like:

35.209.26.191 mywebsite.com - [31/Mar/2022:22:29:48 +0000] "POST /?mailpoet_router&endpoint=cron_daemon&...  "MailPoet Cron" ...

The IP address every time was 35.209.26.191. I did a lookup, and this is a Google IP address. I wonder why Google was doing this to the site.

The Fix

The first thing I did was to change that cron job setting to make it run server side.

ss cronjob

I copied and pasted the code starting with php into the Siteground section in Site Tools called Dev >> Cron Jobs

At a very infrequent interval. Like I said, the site isn’t really being used a lot right now.

I also blocked that Google IP address in my Wordfence settings.

I did the work around 6pm, and you can see by 9pm how drastically the CPU seconds dropped off.

Screen Shot 2022 03 31 at 8.27.38 PM

I’d like to report that Siteground was compassionate, and after understanding that I had quickly solved the issue, they refunded me the cost to upgrade my account and let me downgrade to where I was before.

I still don’t know why Google was doing this to this one site.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Contact

3420 Pump Rd. #181
Henrico, VA 23233

+1 804 430 9444

Contact Us

Connect