You try and go to one of your sites and get the dreaded: 508 Resource Limit Reached or worse This Account Has Been Suspended for Abuse of Shared Hosting TOS. Your host is now keeping your sites at ransom and you have tried everything to optimize your sites however keep exceeding your shared hosting resources.
This is just some of the hair pulling scenarios I have experienced with shared hosting companies. The reason many people use shared hosting is because it is managed. Well managed is probably not the right word. It's really because there is a control panel installed which makes the installation of Wordpress easy as well as the creation of addon domains.
A VPS (virtual private server) is generally not an option because a reasonably priced VPS is usally unmanaged (who has the time to learn all the technical details about system administration) and a managed VPS can be very expensive. Your gut feeling is that your sites and scripts shouldn't be bringing your shared hosting package to a grinding halt.
I host the majority of my sites on a single host's shared hosting plan (this page is hosted elsewhere). I have approximately 15 Wordpress sites and 10 HTML/PHP sites which also use MySQL database for lookup queries. My main host seems to suffer from regular DOS (denial of service) attacks and when that happens I can be almost certain my sites will not be accessible.
It doesn't appear they have sufficient preventive measures in place to mitigate DDOS attacks. For me to move all my sites to another shared hosting plan is tiresome. So I needed to find a way to bring high usage down. I have spent so many hours trying to debug the root causes and will share with you exactly what I have found and implemented to solve my problems so you do not have to continually beg your host to re-activate your account.
Wordpress is a great CMS however it's current design has a few vulnerabilities that can cause high CPU and entry process usage. One issue is that the Cron service will run whenever a page is loaded whether the vistor is real or not. I implemented the following to bring my Wordpress system usage back to normal.
You might think this is too simple however if you have successfully had your sites indexed in the major search engines, that will attract an avalanche of automated bots from search engines to companies gathering competitive analytics that will bring your sites to their knees. Your Robots.txt won't help in most cases. Those 2 simple actions brought my Wordpress installs back to normal usage.
My PHP based sites were a little more complex to resolve however this is what I did:
I added this code set to the beginning of my PHP sites as an include file and ensured it was the first code executed. This has also radically reduced the CPU and entry process usage.
Update 17 Jan 2018 - my host received a bot flood today and my sites survived ! I can see all the hits in the host logs however my PHP bot slow down worked - hooray !