Experiencing lags from time to time (10-30 seconds to load a page)

Hello,

There is an issue that I have on my VPS that I’ve been trying to resolve for weeks.

I am on HestiaCP, PHP FPM, Mariadb, NGINX only.

I’m on a VULTR plan High Frequency with 2 vcpu 4gb ram and an SSD.

On htop my CPU is almost never fully used, load average is at 0.43 0.36 0.66 for an uptime of 4 days.

Even when I have the most traffic, I’m at around 800 MB - 1.3 GB RAM used.

i/o seems always fine.

But I still have this issue that from time to time, for like 10-20 min, almost randomly (but often at around 17-18h), it lags like hell.

I’m going from 0.01 seconds to load a page to like 30 seconds to just show the page and then 30 seconds more to show the pictures.

Do you have any ideas? I’ve been on it for weeks, googling, forums, chatgpt, but I can’t find what would cause that.

(I’m learning so maybe I’m missing something, I’m a total noob).

Here is one of my websites if needed: https://www.antennerequin.com I’m on cloudflare cache everything + cache enabler, and it is pretty much well optimized.

If you break the cache it loads pretty slow (I think that’s normal? Even though it was better on shared hosting - hostinger - I’m not sure if that is an issue) but when the lag I’m talking about occurs, it is like 30x worse

If you’re wondering why I’m posting that here, it’s because, I really like HestiaCP which is for me the best panel, but I still have a lot of things to understand about it, and I tried to optimize it the best I could, ended deleting a lot of Hestia Crons in the Panel, and tried some customizations of mariadb/nginx with chatgpt

And maybe that will resonate with someone who is going to instantly know that I made a big mistake somewhere around here and destroyed the way Hestia worked xD

Thanks in advance (I hope my English is ok haha)

The fact is that CF very often creates such difficulties, especially during peak hours, disable CF and test for a couple of days. Use Nginx cache Hestia, install Redis and see.

Your Kadence theme is good, but still a little heavy, you can try Blocksy, it is better optimized. Although your Google Analytics is dragging your numbers down, when you disable CF you will see a difference.



Thank you so much for your answer!

I’ll try that, when you say disable CF, it means removing the “proxying” thing or creating a rule for bypassing cache or completely removing it?

Otherwise I had redis in the past but it was weird:

First week everything is ok, from 300 queries to 40, 1-2 seconds to load the wordpress backend

Second week: still 40 queries but more like 10-20 seconds to load the backend, and when I disable Redis, everything is back to normal

(I have 20 WordPress sites (but very low traffic on 19 of them) and I had set up a key for each cache)

Did you have that issue too?

I enabled Fastcgi for the moment, thank you so much for your help

CF only DNS, proxy off.

I can’t believe how you got this, to be honest I don’t know how that’s possible

My HTML/PHP/CSS websites are fine on CF proxy, but it seems you were right, it stopped lagging with proxy off on my WordPress site, and the other one with proxy on is still lagging (it’s 18h in France)

You really are the best ahahah, do you have an alternative to still hide the IP of my server?

Can’t say thank you enough

It’s also possible that you haven’t added a plugin for each site. There are many ways to get your server IP even for CF (don’t worry about it), use for example Fail2ban + Nginx. Also test the cache usage time for your WooCommerce cart, maybe it should be reduced, for example 30 minutes.

Thanks a lot man, I did everything and my problem is solved, you’re really the best!

I’m still thinking about installing nginx ultimate bad bot blocker, but as I can see, I’m probably going to have a hard time installing it on Hestia (compatibility, etc), so I’m not sure if I’ll do it or not haha, maybe I’ll pay someone

Just copy this robots.txt into your website folder /home/user/web/opensource.angellive.ru/public_html (replace user and website with yours). Also copy bots.d to /etc/nginx, and from [conf.d](https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker) in the repository copy two files to your /etc/nginx/conf.d: botblocker-nginx-settings.conf and globalblacklist.conf. In this case, edit botblocker-nginx-settings.conf, it will look like this:

```nginx
##############################################################################
#       _  __     _                                                          #
#      / |/ /__ _(_)__ __ __                                                 #
#     /    / _ `/ / _ \\ \ /                                                 #
#    /_/|_/\_, /_/_//_/_\_\                                                  #
#       __/___/      __   ___       __     ___  __         __                #
#      / _ )___ ____/ /  / _ )___  / /_   / _ )/ /__  ____/ /_____ ____      #
#     / _  / _ `/ _  /  / _  / _ \/ __/  / _  / / _ \/ __/  '_/ -_) __/      #
#    /____/\_,_/\_,_/  /____/\___/\__/  /____/_/\___/\__/_/\_\\__/_/         #
#                                                                            #
##############################################################################

# Version 1.1
# ! new directives also to be added to include_filelist.txt ! #

variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s;
limit_conn_zone $binary_remote_addr zone=addr:50m;

# ****************************************************************************
# NOTE: IF you are using a system like Nginx-Proxy from @JWilder
# ****************************************************************************
# Repo URL: https://github.com/jwilder/nginx-proxy
# You will need to comment out the first line here as follows.
#     #server_names_hash_bucket_size 128;
# You will also need to modify the nginx.tmpl file to add the default include
#     include /etc/nginx/conf.d/*
# ****************************************************************************
```

To update manually, use:

```bash
cd /etc/nginx/conf.d && sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O /etc/nginx/conf.d/globalblacklist.conf && sudo nginx -t && sleep 5 && sudo service nginx reload && cd
```

Or configure automatic updates from the repository with update-ngxblocker. Restart Nginx on the server. You won’t be able to pay me, I live in the Russian Federation, remember me in joy, that’s enough)
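
A staged variant of the manual update above, as an added example (not part of the original posts and not the repository's update-ngxblocker script): the one-liner writes straight over the live globalblacklist.conf, so a failed or truncated download leaves a broken file in /etc/nginx/conf.d even though the reload is skipped. This version downloads to a temporary file, installs it, and restores the previous copy if `nginx -t` fails. The function names, the `.bak` backup name and the `--run` switch are assumptions made for the example; the URL and destination path are the ones from the post.

```shell
#!/usr/bin/env bash
# Added example: staged update of globalblacklist.conf with rollback.
URL="https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf"
DEST="/etc/nginx/conf.d/globalblacklist.conf"

# install_candidate CANDIDATE DEST VALIDATE_CMD [ARGS...]
# Copies CANDIDATE over DEST, runs VALIDATE_CMD, and restores the previous
# DEST if validation fails. Returns 0 if the new file is live, 1 otherwise.
install_candidate() {
    local candidate="$1" dest="$2"
    shift 2
    # Refuse empty downloads before touching the live file.
    [ -s "$candidate" ] || return 1
    local backup="${dest}.bak" had_old=0
    if [ -f "$dest" ]; then
        cp -p "$dest" "$backup"
        had_old=1
    fi
    cp "$candidate" "$dest"
    if "$@"; then
        return 0
    fi
    # Validation failed: put the known-good file back (or remove a new one).
    if [ "$had_old" -eq 1 ]; then
        cp -p "$backup" "$dest"
    else
        rm -f "$dest"
    fi
    return 1
}

# Download to a temp file, install with "nginx -t" as the validator,
# and reload nginx only when the whole configuration still parses.
update_blacklist() {
    local tmp rc=0
    tmp=$(mktemp) || return 1
    wget -q "$URL" -O "$tmp" && install_candidate "$tmp" "$DEST" nginx -t || rc=1
    rm -f "$tmp"
    [ "$rc" -eq 0 ] && service nginx reload
}

# Run as root: ./update-blacklist.sh --run
if [ "${1:-}" = "--run" ]; then
    update_blacklist
fi
```
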