Security, Troubleshooting

AutoSSL Let’s Encrypt Rate Limiting

You’ve just completed a cPanel server migration. The accounts are transferred, DNS is propagating, everything looks good… until you check the AutoSSL logs and see this staring back at you: WARN AutoSSL failed to create a new certificate order because the server’s Let’s Encrypt account (https://acme-v02.api.letsencrypt.org/acme/acct/XXXXXXX) has reached a rate limit. (429 urn:ietf:params:acme:error:rateLimited) Every domain […]

AutoSSL Let’s Encrypt Rate Limiting Read Post »

Security

How to Fix CSF/LFD “Excessive Resource Usage” Floods for PHP-FPM and dbus on AlmaLinux 9

If you have recently migrated to AlmaLinux 9 (or any RHEL 9 derivative) and run ConfigServer Security & Firewall (CSF) with Login Failure Daemon (LFD), you have probably noticed your inbox filling up with alerts like these: Time: Wed Feb 19 03:14:22 2025 Account: root Resource: Virtual Memory Size Exceeded: 384 > 256 (MB) Executable:

How to Fix CSF/LFD “Excessive Resource Usage” Floods for PHP-FPM and dbus on AlmaLinux 9 Read Post »

PHP, Scripts

Bulk PHP-FPM Pool Tuner for Existing Accounts

WHM only applies PHP-FPM settings to new accounts, and as we know, the cPanel defaults may not be appropriate for higher-traffic sites. This script updates all existing accounts. #!/bin/bash # bulk-phpfpm-tuner.sh # Updates PHP-FPM pool settings for all accounts based on server RAM TOTAL_RAM_MB=$(free -m | awk ‘/^Mem:/{print $2}’) RESERVED_MB=2048 # Reserve for OS/MySQL ACCOUNTS=$(whmapi1

Bulk PHP-FPM Pool Tuner for Existing Accounts Read Post »

Fixes, Howto, PHP

PHP-FPM pm.max_children Reached on cPanel Servers

See Also: Bulk PHP-FPM Pool Tuner for Existing Accounts If you manage cPanel servers, you have almost certainly encountered this log entry at some point: [pool username] WARNING: server reached pm.max_children setting (5), consider raising it It looks simple enough. PHP-FPM is telling you it ran out of worker processes to handle incoming requests. But

PHP-FPM pm.max_children Reached on cPanel Servers Read Post »

Apache, Howto, Linux, Networking, Security

PCI DSS Compliance Cookbook for cPanel Servers

If you’re running cPanel servers that process, store, or transmit credit card data, or even connect to systems that do, PCI DSS compliance isn’t optional. It’s a requirement that carries real financial and legal teeth. With PCI DSS v4.0.1 now fully enforced (the March 31, 2025 deadline for all “best practice” requirements has passed), every

PCI DSS Compliance Cookbook for cPanel Servers Read Post »

Scroll to Top