Today one of our clients contacted us. Their website had been suspended and taken offline by their web host due to high CPU cycles. There was no phone call, no support, no warning, no explanation, no troubleshooting of what was going on or why the website was taken offline other than telling the site owner “too many compute cycles” for the shared environment.
This is the second time in 30 days we have heard this.
Why is WordPress using so many high CPU cycles?
The site in question is a simple site which receives around 150 unique visitors each day. So what is the problem?
In both cases WordPress was under attack. WordPress being attacked is very common. The attack is typically a brute force attempt on the login screen. Simple solutions include renaming the wp-login.php file or installing a firewall to block IPs that attempt to login multiple times such as Limit Login Attempts, iThemes Security, or WordFence.