FastCGI Timeouts on Wordpress

Support
,
1

Description

Got a report from a customer of issues when making changes to their wordpress site. Upon looking at their error_log, I’m seeing a lot of entries akin to the following:
[Sun Jan 26 22:39:38.344392 2025] [proxy:error] [pid 1257084:tid 1330862] (70007)The timeout specified has expired: AH00941: FCGI: failed to acquire connection for (localhost:8000)
and
[Sun Jan 26 22:39:38.431416 2025] [:error] [pid 1257084:tid 1257093] [remote IP_HIDDEN:58048] client denied by server configuration: /home/virtual/site17/fst/var/www/html/wp-admin/admin-ajax.php, referer: https://domain.com/wp-admin/post.php?post=136&action=edit

I’m not sure if those client denied messages are because of the timeout, a different issue all together, or the cause of the timeout, but for the moment I’m at a loss and could use some direction on diagnosing this or applying some config changes to aleviate the issue!

Steps to Reproduce

  • Wordpress Site with the following plugins/themes: ACPT, Real Media Library, WP CLI Login Command Server, Bricks/Bricks Child Theme
  • Upload media/make changes to the site

Expected Behavior

Changes/updates to the site are made, request completes within a reasonable amount of time and the site is viewable.

Actual Behavior

The request times out, and subsequent visits to the site for a sporadic amount of time result in intermittent issues simply accessing the site.

Environment

ApisCP version: cpcmd misc:cp-version
revision: 3ec2e7884c258580fa707cfe827a4269861007c6
timestamp: 1730519492
ver_maj: 3
ver_min: 2
ver_patch: 45
ver_pre: ‘’
dirty: false
debug: false

Operating System: uname -r
4.18.0-553.30.1.el8_10.x86_64

Additional relevant information (e.g., PHP version, database, etc.):
PHP 8.3
mariadb Ver 15.1 Distrib 10.11.10-MariaDB, for Linux (x86_64) using readline 5.

Note: though this is happening heavily on one site, it has been reported on another of this customer’s WP sites as well, but the ‘outage’ so to speak isnt anywhere near as bad.

2

Also worth noting i just tested this myself by adding some text and it just bombed out, so this isnt even a matter of something like media uploads.

3

Worker slots are maxed out for the site. By default, 5 concurrent requests are processed with a 10s backlog for pending requests. This is a good balance for basic sites without substantial traffic while still blocking extreme traffic situations from malicious bots.

To raise the worker slots, modify the policy. For example, to raise the workers to 10 for “site12”:

cpcmd php:pool-set-policy site12 workers 10

Worker traffic can be discovered under Web > PHP Pools or by inspecting the “Status” line with systemctl status php-fpm-site*-.service

4

Weirdly enough when I increased the limit to 10 and made the same change I immediately got a connection refused. Upon reloading the ApisCP Panel I was informed my IP had been blocked by evasive for a potential DOS attack. So I’m guessing there is a lot of concurrent changes/requests happening in the background with that WP editor that tripped some other security measures?

5

Check your access_log - /home/virtual/site2/shadow/var/log/httpd/access_log

6

Ahh, yeah there is something to the tune of 150 requests within like 2 minutes! All POST requests to /wp-admin/admin-ajax.php when I think saving the specific info I was editing to test.

7

Typical bad coded theme or plugin. But if you are the only one editing it, you can whitelist yourself from evasive.

cpcmd scope:set apache.evasive-whitelist 1.2.3.4

1 Like
8

That’s one approach. Another is using Toolbox built by @anatoli to bypass thresholds when logged in. Saving at 60 Hz might be a little extreme considering the average typist is 40 wpm or ~3 characters per second - assuming 5 characters per word - so every 20th postback has something meaningful…