For information on shared hosting resource limits, please refer to the following article:
What Should I Do If I Receive a ‘Resource Limits Reached’ Error?
Many instances where resource limits are reached tends to be with sites using WordPress; if this is the case, please refer to the following support article, which will cover the ensuing steps with a more WordPress-specific focus:
Optimizing WordPress Sites
If you’re seeing issues with resource limits on the hosting package, or slow response times, we highly recommend optimizing the site with the following steps, in addition to reviewing further resources specific to the software you’re using, for other helpful information:
- Review your site’s traffic statistics
Becoming familiar with the sources of traffic and bandwidth usage on the account will help to identify unnecessary or excessive traffic that can be reduced or eliminated. You may find that webcrawlers are indexing a large volume of pages meant to be private, or a vast majority of traffic is coming from malicious sources attempting to exploit your content. You may also find that your sites are getting more traffic than you had thought.
cPanel provides several options for viewing traffic statistics for the account. The differences are mostly aesthetic, so you can select the one you find easiest to use, and review the traffic information for the site(s) on the account. Here are links to the documentation for each:
High volumes of malicious activity (such as brute force login attempts, POST attempts to vulnerable scripts, etc.) as well as normal site indexing from webcrawlers like Googlebot and Bingbot do contribute to your bandwidth usage, so taking steps to limit this activity is one aspect of reducing the general usage on the account.
For more information on webcrawler activity, here is a relevant link to Google documentation:
If Googlebot is accessing and indexing pages too fast, you can control the crawl speed through your Google Webmaster portal:
Administrative areas, like wp-admin on a WordPress installation, should never be indexed by search engines, as it is both unnecessary traffic and a security risk. By default, there is nothing preventing this in WordPress, Joomla, etc., so you’ll want to disable that behavior through other means. Google recommends using password protection on private directories (like administrative panels) to prevent them from being indexed:
In cPanel, this can be accomplished with Directory Privacy:
In addition to preventing admin areas from being publicly indexed, you’ll want to fully update all software, themes, plugins, etc. and patch security vulnerabilities to discourage malicious attempts to exploit your site. Even if no new content is being added to the site regularly, websites still require regular software maintenance, which you’ll need to perform on a regular basis, or have an experienced web developer do so for you. How this is done depends on the software you’re using; please refer to the documentation for your site’s software, and/or the maintenance advice of the site’s developer.
You can also use the traffic information to determine the largest sources of legitimate bandwidth usage, and review ways to reduce that usage and/or determine if offloading content is necessary. Here is a good place to start:
Test the page speed
A major source of high resource usage is the site code not being fully optimized. You can run a scan to check for issues that can be resolved through changes and tweaks to the installation. A good site to test with is GTMetrix:
Ideally, the page size to aim for would be around 1M or less, and the less concurrent connections, the better. Review the suggestions that are returned on the scan, and read the associated documentation.
Suggestions like ‘Leverage browser caching’ and ‘Enable gzip compression’ show the ‘type’ as ‘Server’ because they would require certain modules to be enabled on the server before they can be used. Gzip compression and caching modules are already enabled on all of our shared servers, however the website itself would still need to be configured to utilize them. For WordPress, for example, a popular plugin to to use for this is WordPress Total Cache:
Otherwise, there is an option in the cPanel, Optimize Website, which can enable compression on applicable files.
CloudFlare offers several plans, but the Free package should suffice for most small sites, or sites that don’t need many advanced features. CloudFlare can provide basic malicious traffic filtering, CDN load-balancing, and some level of caching:
All of our shared hosting servers have the CloudFlare Apache module enabled, so you won’t need to contact us to make any server changes; you can just go right ahead and follow the Cloudflare information for configuring the site.
Always keep your site up to date
Regularly apply updates to the core installations. If you have inactive themes or plugins installed, they should be removed or, otherwise, you’ll want to be applying updates to those modules as if they were active, as any installed modules can still be exploited to compromise a site if they contain unpatched security flaws.
Be familiar with the modules you’re using, and the sources you’ll need to be keeping up with for information on security disclosures or other vital update announcements. If your site is custom-coded, you should be having a web developer reviewing your site code for necessary updates, security holes, or other required maintenance.
Compromised installations can also be used to infect other websites within the same hosting account, so it’s vital that all installed software be regularly maintained, or otherwise removed from the account. If you have development sites within your account, you’ll want to remove them if they’re no longer in use, otherwise you’ll need to be just as diligent at keeping them up to date as a production site. Here is an article with further discussion of site cross-contamination:
If you’re finding that, even with extensive optimization, your account is still reaching resource limits, then it’s likely that your account has outgrown what shared hosting plans can offer. Please keep in mind that shared hosting is typically intended for personal sites and some small business sites where uptime is less critical. For higher availability, higher volume traffic, or sites that are otherwise more resource-intensive, a virtual private server or dedicated server is recommended.
We do offer VPS and dedicated server options with our sister company, DotBlock, which can be found here:
Please note that this information is provided as a courtesy for general guidance on the steps involved in optimizing a website; performing these steps, however, would be outside the scope of our support. If you’re not comfortable with completing the above steps on your own, we recommend locating an experienced web developer to assist.