This morning I had a warning from Linode that my server was running hot.
Your Linode, biickert-ca-2020, has exceeded the notification threshold (90) for CPU Usage by averaging 92.7% for the last 2 hours.
Ever since I switched from running this website at our house to being in the cloud, CPU usage on the virtual server was the least of my problems. Let’s face it: this isn’t the busiest site in the world. I started by just restarting (no effect) and applying all patches (no effect).
I checked the apache access log, and sure enough, there was a single IP address that was just hammering my site. It was somewhere in Florida, according to an IP lookup tool. I made sure that this wasn’t like the time when people were spamming the comments, and it wasn’t. Just someone trying to find a security weakness, I guess.
It took me a while to figure out the correct configuration of apache to block access to that IP address. But now I can see that the traffic is still coming in, but it’s immediately being rejected. It would be better to shut it down at a firewall level, but this is good enough.
