Check what kind of traffic you are seeing on /xmlrpc.php.
What tends to happen is that spammers hit that file up and ask it to perform slow operations (the Wordpress team recently greatly expanded its capabilities). A PHP instance gets tied up for the duration. I've had instances lock up until killed by timeouts of 2 minutes.
When a bunch of traffic arrives at once, it only takes a handful of badly behaved instances of xmlrpc.php to render the server essentially inoperable.
I just went through this a few months ago. My bloggers don't use it and it can't be deactivated from within Wordpress any more, so I just 404 it in nginx.
Thanks for the tip. After reviewing Ryan's logs, it turns out a software security layer, Sentinel, was detecting the load test as a DoS attack since LoadImpact was sending all traffic from a single IP.
What tends to happen is that spammers hit that file up and ask it to perform slow operations (the Wordpress team recently greatly expanded its capabilities). A PHP instance gets tied up for the duration. I've had instances lock up until killed by timeouts of 2 minutes.
When a bunch of traffic arrives at once, it only takes a handful of badly behaved instances of xmlrpc.php to render the server essentially inoperable.
I just went through this a few months ago. My bloggers don't use it and it can't be deactivated from within Wordpress any more, so I just 404 it in nginx.