Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I've got a $5 month VPS running one Laravel site on Forge and DO. The site has only just gone live and isn't expected to get much traffic, however the DO CPU usage is constantly 100% (memory is around 30%)
The top process in the CPU list is PHP at 3%.
Is it normal for the CPU to be at 100%, or can anyone recommend a minimum droplet size for a live site running Laravel?
Thanks :)
The minimum droplet should be more than enough; CPU should be nowhere near 100%.
Of course, this all largely depends on your application and what sorts of tasks you are performing but if it's supposed to be a somewhat "basic" site, then it sure sounds like there might be something else wrong.
Maybe SSH into the server and run top to see what's consuming all that CPU?
@Nash thanks for the reply. I've run top and I can see php, nginx and blackfire using approx. 3% each, other than that everything else is approx 0.3% or 0% yet the CPU usage still shows as 100%
Is it possible the server is being hit by bots? And is it possible to see this?
I don't really know much about Linux, however the site is operating normally, and is very quick to load!
for bot traffic you will have to see the server logs with SU user... they are /var/log directory.
if there indeed are bot traffic google nginx (Or apache) where you can stop bots based on the headers they use.. you could always restart / create a new DO / update server
Thanks @shez1983 I remembered I installed Papertrail with forge so took a look at that. I can see quite a lot of...
Connection closed by 213.179.181.70 port 44738 [preauth] Connection closed by 213.179.181.70 port 6274 [preauth]
Are these bad?
The domain name was previously used to host a wordpress website which had a security plugin that showed daily unauthorised login attempts from IPs in Russia, China etc.
Could that explain the 100% CPU usage? And would you advise stopping the bots using headers in nginx as above, or is there something else that can be done?
my friend, can you show us the command you had execute in order to know the CPU was at 100% .
also can you show us the output of the "top" command ?
Sounds like you have some very common malicious probing going on which eats up your resources. Try adding the free tier of Cloudflare to your site and make sure you connect the the vm to Cloudflare with a free SSL cert. Cloudflare will allow you to serve the site no matter who is hitting it. These hackers constantly hit every server I have ever worked with. If you examine the log files closely with Papertrail, I would bet that most of the probes are for Wordpress directories and files especially since your domain previously served such files. Scaling up your server for that is probably not going to help but Cloudflare will.
there are also probing for mysql/ phpmyadmin/ etc
so what i have done is looked at the logs to see what they are accessing and their headers then i have modified my NGINX to disallow these use cases and/or if they have certain headers..
and these bots (at least my one) do it every hour (or set times) not all the time..
Please or to participate in this conversation.