We've had a problem with our website (bask.org) being rebooted due to high memory consumption (we have a 1.5 GB Dreamhost VPS site, using ubuntu 14.04, and Apache/2.4.7).
We have a way downrev WP-based site (we have plugin compatibility issues, and haven't been able to find the time or money to solve them yet, although it's own it's way).
We are running s2memberpro, version 140105
It looks to me like every time we crash, it's correlated to bad s2member accesses (GETs). We have other similar accesses that don't cause huge increases in memory use, but at the time of the crash, we see one instance of apache2 going from about 30 MB resident, 250MB total size, to 750MB resident, and then a minute later, 975MB resident.
On our most recent instance, these are the two get accesses:
(the actual urls don't have a space before /join, I did that to avoid having the whole string shown as a URL
The website is pretty quiet other than that, although wp-cron is running at about the same time, and there could be some interaction with that (we use wp-cron to expire our members, and to send mail reminding them to renew, so it does interact with s2member.
Has anybody seen something similar (what looks like an s2member attack, and then rapid apache2 growth)?
If so, is there anything we can do about it in our s2member config? We can't do much with the apache2 config, since it's a VPS instance, but if there is an answer via apache2 configuration, we can work with dreamhost.
The s2member references with the long encoded strings come from different IP addresses at different times, so I don't think blocking IP addresses is a viable solution.
Something that would limit the memory growth, or prevent the trigger, would be quite helpful.