Rackspace Ubuntu 12.04 apache2 causing Out of memory

Question

After less than 2 hours uptime, my Rackspace server (1CPU 1GB RAM 40GB) memory is used up by /usr/sbin/apache2 -k start which ends up killing my wordpress site.

QUESTION 1: Why is this happening suddently? (didn't before)

QUESTION 2: Why apache2 -k start is spawning? what does that mean? is that because I am getting more traffic to the website?

QUESTION 3: I am increasing memory, but I have the feeling that it won't be enough. Is there anything I can do to prevent this to happen?

Here a couple of snapshot using htop

  CPU[||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||100.0%]     Tasks: 105, 164 thr; 49 running
  Mem[|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||896/991MB]     Load average: 39.15 21.85 21.51 
  Swp[||||||||||||||                                                                 154/976MB]     Uptime: 01:51:21

  PID USER      PRI  NI  VIRT   RES   SHR S CPU% MEM%   TIME+  Command
14951 www-data   20   0 1385M  4808   440 S 36.0  0.5  7:21.31 /usr/bin/host
15089 www-data   20   0 1385M  4808   440 R  3.0  0.5  0:04.77 /usr/bin/host
15056 www-data   20   0 1385M  4808   440 R  2.0  0.5  0:10.46 /usr/bin/host
14998 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:07.12 /usr/bin/host
19606 root       20   0 26552  2412  1064 R  2.0  0.2  0:13.13 htop
15012 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:07.04 /usr/bin/host
15091 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:09.66 /usr/bin/host
15058 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:07.87 /usr/bin/host
15070 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:05.29 /usr/bin/host
15092 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:10.52 /usr/bin/host
20362 www-data   20   0  438M 46580 30752 R  1.0  4.6  0:00.68 /usr/sbin/apache2 -k start
20318 www-data   20   0  437M 54956 39480 R  1.0  5.4  0:02.04 /usr/sbin/apache2 -k start
20359 www-data   20   0  441M 53964 35580 R  1.0  5.3  0:00.80 /usr/sbin/apache2 -k start
20257 www-data   20   0  448M 70216 45492 R  1.0  6.9  0:02.93 /usr/sbin/apache2 -k start
13660 www-data   20   0  448M 78796 54880 R  1.0  7.8  0:31.66 /usr/sbin/apache2 -k start
20155 www-data   20   0  440M 57740 39656 R  1.0  5.7  0:05.81 /usr/sbin/apache2 -k start
20406 www-data   20   0  431M 18464 11240 R  1.0  1.8  0:00.50 /usr/sbin/apache2 -k start
20409 www-data   20   0  427M  6464  3468 R  1.0  0.6  0:00.40 /usr/sbin/apache2 -k start
20413 www-data   20   0  427M  6456  3464 R  1.0  0.6  0:00.40 /usr/sbin/apache2 -k start
20415 www-data   20   0  427M  6396  3472 R  1.0  0.6  0:00.35 /usr/sbin/apache2 -k start
20416 www-data   20   0  427M  6488  3468 R  1.0  0.6  0:00.31 /usr/sbin/apache2 -k start
20354 www-data   20   0  445M 60612 38624 R  1.0  6.0  0:01.02 /usr/sbin/apache2 -k start
20414 www-data   20   0  427M  6424  3468 R  1.0  0.6  0:00.35 /usr/sbin/apache2 -k start
20420 www-data   20   0  427M  6452  3452 R  1.0  0.6  0:00.28 /usr/sbin/apache2 -k start
20344 www-data   20   0  437M 55104 39464 R  1.0  5.4  0:01.21 /usr/sbin/apache2 -k start
20429 www-data   20   0  427M  6496  3468 R  1.0  0.6  0:00.20 /usr/sbin/apache2 -k start
20433 www-data   20   0  427M  6240  3300 R  1.0  0.6  0:00.16 /usr/sbin/apache2 -k start
20432 www-data   20   0  427M  6224  3300 R  1.0  0.6  0:00.17 /usr/sbin/apache2 -k start
20434 www-data   20   0  427M  6220  3300 R  1.0  0.6  0:00.13 /usr/sbin/apache2 -k start
20435 www-data   20   0  427M  6208  3300 R  1.0  0.6  0:00.13 /usr/sbin/apache2 -k start
20356 www-data   20   0  444M 58952 37828 R  1.0  5.8  0:00.95 /usr/sbin/apache2 -k start
20403 www-data   20   0  432M 24080 14948 D  1.0  2.4  0:00.55 /usr/sbin/apache2 -k start
20407 www-data   20   0  431M 19844 12136 R  1.0  2.0  0:00.50 /usr/sbin/apache2 -k start
20157 www-data   20   0  438M 55472 39580 R  1.0  5.5  0:05.79 /usr/sbin/apache2 -k start
20316 www-data   20   0  436M 54452 39480 R  1.0  5.4  0:02.10 /usr/sbin/apache2 -k start
20422 www-data   20   0  427M  6496  3468 R  1.0  0.6  0:00.27 /usr/sbin/apache2 -k start
15389 www-data   20   0  449M 82448 56732 R  1.0  8.1  0:33.03 /usr/sbin/apache2 -k start
20361 www-data   20   0  440M 51368 34112 R  1.0  5.1  0:00.73 /usr/sbin/apache2 -k start
20427 www-data   20   0  429M  9144  4740 R  1.0  0.9  0:00.08 /usr/sbin/apache2 -k start
20437 www-data   20   0  427M  6236  3300 R  1.0  0.6  0:00.06 /usr/sbin/apache2 -k start
20254 www-data   20   0  436M 54508 39516 R  1.0  5.4  0:02.79 /usr/sbin/apache2 -k start
15383 www-data   20   0  449M 82904 57052 R  1.0  8.2  0:42.17 /usr/sbin/apache2 -k start
15379 www-data   20   0  448M 79372 54436 R  1.0  7.8  0:44.53 /usr/sbin/apache2 -k start
F1Help  F2Setup F3SearchF4FilterF5Tree  F6SortByF7Nice -




CPU[||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||100.0%]     Tasks: 105, 164 thr; 49 running
  Mem[|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||896/991MB]     Load average: 39.15 21.85 21.51 
  Swp[||||||||||||||                                                                 154/976MB]     Uptime: 01:51:21

  PID USER      PRI  NI  VIRT   RES   SHR S CPU% MEM%   TIME+  Command
14951 www-data   20   0 1385M  4808   440 S 36.0  0.5  7:21.31 /usr/bin/host
15089 www-data   20   0 1385M  4808   440 R  3.0  0.5  0:04.77 /usr/bin/host
15056 www-data   20   0 1385M  4808   440 R  2.0  0.5  0:10.46 /usr/bin/host
14998 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:07.12 /usr/bin/host
19606 root       20   0 26552  2412  1064 R  2.0  0.2  0:13.13 htop
15012 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:07.04 /usr/bin/host
15091 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:09.66 /usr/bin/host
15058 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:07.87 /usr/bin/host
15070 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:05.29 /usr/bin/host
15092 www-data   20   0 1385M  4808   440 S  2.0  0.5  0:10.52 /usr/bin/host
20362 www-data   20   0  438M 46580 30752 R  1.0  4.6  0:00.68 /usr/sbin/apache2 -k start
20318 www-data   20   0  437M 54956 39480 R  1.0  5.4  0:02.04 /usr/sbin/apache2 -k start
20359 www-data   20   0  441M 53964 35580 R  1.0  5.3  0:00.80 /usr/sbin/apache2 -k start
20257 www-data   20   0  448M 70216 45492 R  1.0  6.9  0:02.93 /usr/sbin/apache2 -k start
13660 www-data   20   0  448M 78796 54880 R  1.0  7.8  0:31.66 /usr/sbin/apache2 -k start
20155 www-data   20   0  440M 57740 39656 R  1.0  5.7  0:05.81 /usr/sbin/apache2 -k start
20406 www-data   20   0  431M 18464 11240 R  1.0  1.8  0:00.50 /usr/sbin/apache2 -k start
20409 www-data   20   0  427M  6464  3468 R  1.0  0.6  0:00.40 /usr/sbin/apache2 -k start
20413 www-data   20   0  427M  6456  3464 R  1.0  0.6  0:00.40 /usr/sbin/apache2 -k start
20415 www-data   20   0  427M  6396  3472 R  1.0  0.6  0:00.35 /usr/sbin/apache2 -k start
20416 www-data   20   0  427M  6488  3468 R  1.0  0.6  0:00.31 /usr/sbin/apache2 -k start
20354 www-data   20   0  445M 60612 38624 R  1.0  6.0  0:01.02 /usr/sbin/apache2 -k start
20414 www-data   20   0  427M  6424  3468 R  1.0  0.6  0:00.35 /usr/sbin/apache2 -k start
20420 www-data   20   0  427M  6452  3452 R  1.0  0.6  0:00.28 /usr/sbin/apache2 -k start
20344 www-data   20   0  437M 55104 39464 R  1.0  5.4  0:01.21 /usr/sbin/apache2 -k start
20429 www-data   20   0  427M  6496  3468 R  1.0  0.6  0:00.20 /usr/sbin/apache2 -k start
20433 www-data   20   0  427M  6240  3300 R  1.0  0.6  0:00.16 /usr/sbin/apache2 -k start
20432 www-data   20   0  427M  6224  3300 R  1.0  0.6  0:00.17 /usr/sbin/apache2 -k start
20434 www-data   20   0  427M  6220  3300 R  1.0  0.6  0:00.13 /usr/sbin/apache2 -k start
20435 www-data   20   0  427M  6208  3300 R  1.0  0.6  0:00.13 /usr/sbin/apache2 -k start
20356 www-data   20   0  444M 58952 37828 R  1.0  5.8  0:00.95 /usr/sbin/apache2 -k start
20403 www-data   20   0  432M 24080 14948 D  1.0  2.4  0:00.55 /usr/sbin/apache2 -k start
20407 www-data   20   0  431M 19844 12136 R  1.0  2.0  0:00.50 /usr/sbin/apache2 -k start
20157 www-data   20   0  438M 55472 39580 R  1.0  5.5  0:05.79 /usr/sbin/apache2 -k start
20316 www-data   20   0  436M 54452 39480 R  1.0  5.4  0:02.10 /usr/sbin/apache2 -k start
20422 www-data   20   0  427M  6496  3468 R  1.0  0.6  0:00.27 /usr/sbin/apache2 -k start
15389 www-data   20   0  449M 82448 56732 R  1.0  8.1  0:33.03 /usr/sbin/apache2 -k start
20361 www-data   20   0  440M 51368 34112 R  1.0  5.1  0:00.73 /usr/sbin/apache2 -k start
20427 www-data   20   0  429M  9144  4740 R  1.0  0.9  0:00.08 /usr/sbin/apache2 -k start
20437 www-data   20   0  427M  6236  3300 R  1.0  0.6  0:00.06 /usr/sbin/apache2 -k start
20254 www-data   20   0  436M 54508 39516 R  1.0  5.4  0:02.79 /usr/sbin/apache2 -k start
15383 www-data   20   0  449M 82904 57052 R  1.0  8.2  0:42.17 /usr/sbin/apache2 -k start
15379 www-data   20   0  448M 79372 54436 R  1.0  7.8  0:44.53 /usr/sbin/apache2 -k start
F1Help  F2Setup F3SearchF4FilterF5Tree  F6SortByF7Nice -

Answer 1

/usr/bin/host running for 7 hours at 36% CPU is weird on its own, but because you're also running a Wordpress website I am comfortable saying that you probably have an outdated plugin and your server is compromised.

My suggestion is to contact Rackspace support and have them either identify the problem (If it's not malware) or format / reload if it is. Once you have a fresh install be sure that your application, and application plugins are up to date.