One of the main reasons for the high load on the server is the increased number of requests to the site, combined with the insufficient efficiency of the code of its scripts, executed for each of the visitors. Thus, the more efficiently the site scripts work for each visitor, the more load the site can take as a whole.
Also, search bots influence the level of website traffic. Therefore, when the site is indexed by search services, an increased load on the server may occur. It is possible to set the indexing parameters for your site in order to reduce the number of requests from the bot through the file
robots.txt or a webmaster on the search engine side.
If necessary, to reduce the load and carry out technical operations, you can limit access to the site.
The load level can be influenced by queries to the database from the site scripts.
Database queries should not take longer than 15 seconds. All requests that take more than 5 seconds can be viewed in the section "Slow queries».
Unwanted load on the site and the server can be created by malicious scripts (if any).
Malicious scripts can create external connections to other sites, which can cause the site to take longer to process requests. The list of outgoing connection attempts can be found in the section "Outgoing connections».
Unfortunately not... Information about how the CPU time is calculated is presented here.
When analyzing, pay special attention to scripts that use POST and many AJAX requests. These queries tend to be the most challenging due to their technology.
The reason for such a surge in resource consumption is usually a DDoS attack or a site scan for hacking.
Need to analyze server logspaying special attention to atypical POST requests.
To protect WordPress sites from attacks on
wp-login.php can help fulfillment of points 8-10 of instructions.