Cloudron services are slow

Hello Cloudron Team,

After further investigation into the server performance issues, we've identified some suspicious activity that may not be related to Cloudron itself. Here's a summary of our findings:

1. System and Security Checks Performed:
   • We confirmed that no software other than Cloudron was intentionally installed before today.
   • We reviewed recent command history to ensure no unintended actions were performed manually.
2. Unrecognized User Activity:
   • Initially, we noticed a MySQL instance running under the user pollinate, which is not part of Cloudron’s standard services.
   • Upon further analysis, we found that after removing the pollinate user, a new user with UID 106 took over running similar services, including MySQL, PostgreSQL, and MongoDB.
   • Most recently, these processes have transitioned to running under the netdata user, which we installed today for monitoring purposes.
     • is it possible it’s a malicious entity changing user each time ?
3. System Observations:
   • We have gathered the following screenshots for further analysis:

     • Service View Screenshot: (Attach the image)
       

     • System Info Screenshot: (Attach the image)
       

     • Top Command Output Screenshot: (Attach the image)
       

       update of the screenshot for our wordpress service, very high CPU usage, how can we investigate these ?
       

Next Steps:

• We're investigating if the unauthorized services were installed via a privilege escalation method.
• We're considering reinstallation of Cloudron on a fresh system if no other resolution is found.

Any insights or suggestions from the Cloudron team would be greatly appreciated.

Thank you for your continued support!

Sorry for the lack of info.

Here are some additional info gathered by the team:

Platform Versionv8.2.3 (Ubuntu 24.04.1 LTS)
VendorQEMU
ProductStandard PC (i440FX + PIIX, 1996)
CPU6 Core "AMD EPYC 7282 16-Core Processor"
Memory16.77 GB RAM & 4.29 GB Swap

We noticed something is related to MySQL?

Hello

Users been noticing that my WP site is slow and after some tests myself I've found that it is really taking a lot of time to load. Not only WP but also other services (example: Chatwoot).

Is there any way to debug this and know what's causing this issue? Can't seem to find anything in the logs or system info, even the CPU graphs are not showing (keeps loading).

Thank you!

Thank you all! well noted

Thanks @joseph I found what causing the problem! A backup plugin in WP storing it in the wp-content!
Thank you

The backups are also stored in an external storage (Cloudflare)

Also the app folder contains only WordPress regular installation files

Please take a look at this screenshot:
the store one is the Wordpress app

@joseph can you please specifiy from where I can access the web terminal? Do you mean inside of the WordPress app?

Hello,

We've installed Managed WordPress on Cloudron, but it's been weirdly eating up all available disk usage.
We've added a 500 gb instance and it used all of it that other apps stopped working.

Any solution or possible reason that's may be causing this?