Keywords: WordPress - AWS - Technical issue - Secure Connections (SSL/HTTPS)
Description:
I'm running wordpress on AWS bitnami stack, My architecture is
CLIENT------WAF------ALB---------NATGATEWAY-------PrivateInstace(Wordpress).
My server is going down again and again, when I simulated traffic on the website to see after how many simultaneous requests, my website is going down, It could only handle around 70 requests and then my CPU Utilization went 100%. I have contacted Route53, and EC2 team and they mentioned that I should generate a case here.
I have 2 SSL certificate installed on ALB, one for www.criticalcontrol.com
and one wildcard *.criticalcontrol.com
. Recently route 53 team mentioned to make changes in the location as below:
define('WP_SITEURL', 'https://criticalcontrol.com');
define('WP_HOME', 'https://criticalcontrol.com');
after that we were getting 301 Moved Permanently using command "curl -I localhost", to deal with this we accepted 301 error in ALB.
I'm not getting why this is happening and because of that I have to use failover routing in route53 to make sure website is always up using secondary resource(old instance)
I'm attaching some error logs as well:
[Wed Jan 13 16:17:27.540947 2021] [proxy_fcgi:error] [pid 7073:tid 140313377085184] [client 172.16.2.185:4460] AH01071: Got error 'PHP message: PHP Warning: getimagesize(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): Failed to enable crypto in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(https://criticalcontrol.com/wp-content/uploads/2020/04/protrendimage-1.png): failed to open stream: operation failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): Failed to enable crypto in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(https://criticalcontrol.com/wp-content/uploads/2020/04/netflowimage-1.png): failed to open stream: operation failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): Failed to enable crypto in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(https://criticalcontrol.com/wp-content/uploads/2020/04/prochartimage.png): failed to open stream: operation failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): Failed to enable crypto in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(https://criticalcontrol.com/wp-content/uploads/2020/04/equipmentimage.png): failed to open stream: operation failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): Failed to enable crypto in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(https://criticalcontrol.com/wp-content/uploads/2020/08/labtesting.png): failed to open stream: operation failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): SSL operation failed with code 1. OpenSSL Error messages:\nerror:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(): Failed to enable crypto in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98PHP message: PHP Warning: getimagesize(https://criticalcontrol.com/wp-content/uploads/2020/08/supply-image.png): failed to open stream: operation failed in /opt/bitnami/apps/wordpress/htdocs/wp-content/themes/mitech/framework/class-image.php on line 98', referer: https://criticalcontrol.com/?wordfence_syncAttackData=1610554609.4314
In addition to this in my atop logs:
PRC | sys 3m56s | user 40m22s | | #proc 83 | #trun 3 | #tslpi 457 | | #tslpu 0 | #zombie 0 | clones 58835 | | #exit 1 |
CPU | sys 1% | user 15% | irq 0% | idle 84% | wait 0% | steal 0% | guest 0% | | ipc notavail | cycl unknown | curf 2.40GHz | curscal ?% |
CPL | avg1 0.96 | avg5 0.52 | | avg15 0.33 | | | csw 40425041 | intr 12571e3 | | | numcpu 1 | |
MEM | tot 1.9G | free 82.3M | cache 350.3M | dirty 0.3M | buff 107.4M | slab 88.9M | slrec 62.3M | shmem 106.4M | shrss 0.0M | vmbal 0.0M | hptot 0.0M | hpuse 0.0M |
SWP | tot 0.0M | free 0.0M | | | | | | | | | vmcom 4.3G | vmlim 997.8M |
PAG | scan 239358 | steal 228648 | stall 0 | | | | | | | | swin 0 | swout 0 |
DSK | xvda | busy 99% | read 40577 | | write 607512 | KiB/r 23 | KiB/w 14 | MBr/s 0.0 | MBw/s 0.1 | | avq 1.00 | avio 125 ms |
DSK | xvda1 | busy 0% | read 40083 | | write 607511 | KiB/r 23 | KiB/w 14 | MBr/s 0.0 | MBw/s 0.1 | | avq 1.64 | avio 0.58 ms |
DSK | xvda15 | busy 0% | read 382 | | write 1 | KiB/r 8 | KiB/w 0 | MBr/s 0.0 | MBw/s 0.0 | | avq 5.70 | avio 0.28 ms |
DSK | xvda14 | busy 0% | read 58 | | write 0 | KiB/r 4 | KiB/w 0 | MBr/s 0.0 | MBw/s 0.0 | | avq 1.00 | avio 0.62 ms |
NET | transport | tcpi 1468019 | tcpo 1519096 | udpi 136724 | udpo 137412 | tcpao 97923 | tcppo 70643 | tcprs 3183 | tcpie 0 | tcpor 7722 | udpnp 0 | udpie 0 |
NET | network | ipi 1604759 | ipo 1580629 | | ipfrw 0 | deliv 1605e3 | | | | | icmpi 0 | icmpo 39 |
NET | eth0 ---- | pcki 1745400 | pcko 1272748 | sp 0 Mbps | si 118 Kbps | so 235 Kbps | coll 0 | mlti 0 | erri 0 | erro 0 | drpi 0 | drpo 0 |
NET | lo ---- | pcki 310705 | pcko 310705 | sp 0 Mbps | si 64 Kbps | so 64 Kbps | coll 0 | mlti 0 | erri 0 | erro 0 | drpi 0 | drpo 0 |
Why my xvda is always busy?, Is this a normal behavior?
Bitnami failed to upload bitnami support information, so I have provided the link in Message, to bitnami support agent.