Does anybody know if fail2ban-server (which blacklists connections to prevent DDOS attacks) get activated when people enter the wrong password too many times on the ERPNext web interface? Or does it get activated when a ssh connection is attempted?
fail2ban-server ends up occupying close to 100% CPU utilization and makes ERPNext crawl.
The other reason is frappe gunicorn makes the CPU utilization climb up to close to 100%. Anybody know why? And how to manage this?
I had the same problem on a server that was an image mirror of another functional server. I deleted everything in the site_config.json except the db_name and the db_password lines, then executed the following commands:
bench setup nginx
sudo service nginx reload
bench restart
I am not sure why it seemed to work, but fail2ban stopped eating up all my cpu time. I cannot say for sure this was a solution, I just know that when I did this it worked. (v10.0.14) My circumstances were also a bit unique for using a copy of a disk image to get a running system.
Your mileage may vary…
Best not to do such things on a live production server during the business day.