I have recently experienced high cpu + high outbound traffic (both at the same time) spikes. The process causing the high cpu usage is apache. I started looking through apache logs to see if I could spot anything weird. I didn't notice anything in particular.

Any thoughts to what might be causing this? Possible DOS? Someone simply using a download accelerator app? Is it possible for me to limit the outbound traffic/cpu usage per apache thread? I'm not much of an SA but would like some tips as to how I might be to figure out the root cause of these high cpu and outbound traffic spikes.

I have been using tools like htop, iptraf, tcpdump, etc. I guess I'm just hoping for some assistance from people who may have experienced similar issues and how they went about diagnostics and prevention. Thank you.

You haven't really provided any details... How much CPU usage? How much traffic? Do your apache logs show particular scripts being accessed at the time of the spikes? etc.

when the spike happens it is usually hovering at 200%, but in one case it went up to 325% . The outbound traffic goes up to about 35Mbits/sec , the time that cpu usage went to 325% outbound traffic went up to 45Mbits/sec . My normal conditions are very low, cpu usage usually in the 0-1% and outbound traffic usually on the lower end of < 1Mbit/sec

I run quite a few vhosts from this machine, and there is quite a bit of log data (each vhost has its own log files). So I admit I'm having some difficulty determining a good way to sift through the legit requests vs something that may be the offending culprit.