My wordpress web site has been crawling for a while, and last week it went down all together. Dreamhost said that this tiny web site was using too many server resources. They recommended deactivating some of the plugins.
I shut down All-in-One SEO and Jetpack. That got the site back up, but it was still very slow. Dreamhost said they were still choking it for using too many server resources.
I then started shutting off parts of Better WP Security that were known resource hogs. I was reluctant to do this because the site has been hacked before (involving days for me to fix), and there was a blatant attempt last week (over 100 spam comments hit all at once on Valentines Day). There were also a lot of DDOS attacks and a large scale brute force attack specifically targeted at Wordpress sites. It seems to me that fending stuff like this off could have involved an unusual amount of security resources, but all Dreamhost would say is my site, which supposedly has “unlimited bandwidth” was using too much.
While trying to speed up the load time, I found that the caching plugin, WP Super Cache, wasn’t effective anymore. I tried to replace it with Hyper-Cache, but I couldn’t get the cron job for the cleaning process to start. Dreamhost then suggested W3 Total Cache. This involved editing htaccess, editing wp-config, deleting files and folders, changing permissions, etc. In the course of doing this, I managed to break the web site again. Removing W3 Total Cache manually from the plugins folder and reversing everything I did would not bring the site back online.
Dreamhost then suggested removing htaccess. Editing htaccess so it looked the same as my other dreamhost sites didn’t help. I ended up removing it all together. The web site is back up, but all the security measures that were in htaccess are now gone.
Now I am back at square one, with the web site loading extremely slowly (probably because Dreamhost is still choking it), with crippled security (no htaccess, half my security measures turned off) and no caching.
Dreamhost takes 1-2 days to respond to each email, so the web site has been down for a few days at a time twice, and glacial slow the rest of the time. The emails are often redundant and point me to wikis with instructions that are a bit beyond my capabilities. I managed to install PuTTY and connect to the server, but most of the commands in the wiki don’t work. When I did get a process list, the processes all looked normal to me…except one that was in a GAMES directory(!) That directory is nowhere in the web site, and if that thing is the culprit, then my web site is being penalized for something we don’t even use!
I am extremely frustrated by this situation. It’s taking way too long to resolve. The owner of the web site has tried to flag Dreamhost support on Twitter, but they just say they will get back to us ASAP while another day goes by.
This is a small, relatively simple web site. It’s mostly static. No video, standard recommended plugins. The account has “unlimited” bandwidth and storage space, so there should be no problem at all here. I could swear Dreamhost even used to guarantee 99.9% up time.
Yet, Dreamhost itself is choking the site and not being very explicit as to how I can address that. I’ve ended up without caching, which just makes the problem worse. I’ve been dismantling security measures knowing full well that if we get hacked again, I’m going to be spending days manually trying to clean the site up.
This whole situation is just not right. If Dreamhost has a legit beef with the processes the web site is using, they should be able to tell me what to do about it - in ways that don’t wreck the web site or leave it vulnerable to new hacking attempts.