الوسوم

موسومة بـ incident-response

11 مايو 2026قراءة 15 دقيقةoperations infrastructure
86 CPU spikes in 24 hours: a multi-cause cascade postmortem
A cPanel server fired 86 ChkServd CPU alerts in one day. Four root causes were amplifying each other. The triage, the order of fixes, and the lessons.
#cpanel #chkservd #cpu #performance #incident-response #postmortem
9 مايو 2026قراءة 6 دقيقةoperations infrastructure wordpress
When you have to suspend a WooCommerce client: anatomy
A WooCommerce client burned 40-60% CPU on a shared cPanel box for 48 hours, unreachable. The decision tree, the suspension, and the conversation after.
#cpanel #woocommerce #shared-hosting #incident-response #runbook
7 مايو 2026قراءة 8 دقيقةwordpress operations infrastructure
The corrupted WordPress db.php dropin nobody warned you of
WordPress says the DB connection is down but MySQL is fine, and only one site is affected. The cause is almost always a broken db.php dropin in wp-content.
#wordpress #mysql #cpanel #incident-response #dropins
5 مايو 2026قراءة 6 دقيقةinfrastructure operations
When the client changes DNS without telling you first
Mail dies, AutoSSL stops renewing, the homepage shows a registrar parking page. A short field guide to diagnosing and fixing a silent DNS handover.
#dns #cpanel #autossl #registrar #incident-response
30 أبريل 2026قراءة 16 دقيقةwordpress security
Three real WordPress compromises and how we found them
Three anonymised WordPress compromise postmortems on cPanel: a nulled Elementor Pro backdoor, a wp_options casino injection, and a six-week data exfiltration.
#wordpress #malware #cpanel #incident-response #wp-cli #forensics

موسومة بـ incident-response

86 CPU spikes in 24 hours: a multi-cause cascade postmortem

When you have to suspend a WooCommerce client: anatomy

The corrupted WordPress db.php dropin nobody warned you of

When the client changes DNS without telling you first

Three real WordPress compromises and how we found them