RPI Status with PHP
system date : Wed Sep 17 00:14:54 PDT 2025
whoami : www-data
uname -a : Linux rpi4bmedia 5.10.103-v7l+ #1529 SMP Tue Mar 8 12:24:00 GMT 2022 armv7l GNU/Linux
uptime : 00:14:54 up 142 days, 16:33, 2 users, load average: 0.63, 0.29, 0.21
File systems on RPI
Filesystem Size Used Avail Use% Mounted on
/dev/root 29G 8.2G 20G 30% /
devtmpfs 1.8G 0 1.8G 0% /dev
tmpfs 1.9G 0 1.9G 0% /dev/shm
tmpfs 1.9G 186M 1.7G 10% /run
tmpfs 5.0M 4.0K 5.0M 1% /run/lock
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/mmcblk0p1 253M 49M 204M 20% /boot
/dev/sda1 1.9T 22G 1.8T 2% /media/usbdisk2t
tmpfs 384M 4.0K 384M 1% /run/user/1001
ps aux --sort=-pcpu on RPI
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
gottsch 1255 4.2 15.6 1013676 615904 ? Sl Apr27 8677:59 lxpanel --profile LXDE-pi
gottsch 776 3.1 14.6 975476 576908 ? Sl Apr27 6379:45 lxpanel --profile LXDE-pi
root 1003 0.3 1.3 158628 54540 tty7 Ssl+ Apr27 709:43 /usr/lib/xorg/Xorg :0 -seat seat0 -auth /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch
gottsch 664 0.2 0.8 117312 33720 ? Sl Apr27 480:49 /usr/bin/Xvnc-core :1 -auth /home/gottsch/.Xauthority -pn -fp /usr/share/vnc/fonts/ -geometry 1280x1024 -depth 24
root 1 0.0 0.2 33852 8168 ? Ss Apr27 33:19 /sbin/init splash
root 2 0.0 0.0 0 0 ? S Apr27 0:15 [kthreadd]
root 3 0.0 0.0 0 0 ? I< Apr27 0:00 [rcu_gp]
root 4 0.0 0.0 0 0 ? I< Apr27 0:00 [rcu_par_gp]
root 8 0.0 0.0 0 0 ? I< Apr27 0:00 [mm_percpu_wq]
root 9 0.0 0.0 0 0 ? S Apr27 0:00 [rcu_tasks_rude_]
root 10 0.0 0.0 0 0 ? S Apr27 0:00 [rcu_tasks_trace]
root 11 0.0 0.0 0 0 ? S Apr27 53:24 [ksoftirqd/0]
root 12 0.0 0.0 0 0 ? I Apr27 119:51 [rcu_sched]
root 13 0.0 0.0 0 0 ? S Apr27 0:04 [migration/0]
root 14 0.0 0.0 0 0 ? S Apr27 0:00 [cpuhp/0]
root 15 0.0 0.0 0 0 ? S Apr27 0:00 [cpuhp/1]
root 16 0.0 0.0 0 0 ? S Apr27 0:13 [migration/1]
root 17 0.0 0.0 0 0 ? S Apr27 0:51 [ksoftirqd/1]
root 20 0.0 0.0 0 0 ? S Apr27 0:00 [cpuhp/2]
root 21 0.0 0.0 0 0 ? S Apr27 0:07 [migration/2]
root 22 0.0 0.0 0 0 ? S Apr27 0:44 [ksoftirqd/2]
root 25 0.0 0.0 0 0 ? S Apr27 0:00 [cpuhp/3]
root 26 0.0 0.0 0 0 ? S Apr27 0:04 [migration/3]
root 27 0.0 0.0 0 0 ? S Apr27 2:02 [ksoftirqd/3]
root 30 0.0 0.0 0 0 ? S Apr27 0:00 [kdevtmpfs]
root 31 0.0 0.0 0 0 ? I< Apr27 0:00 [netns]
root 34 0.0 0.0 0 0 ? S Apr27 0:00 [kauditd]
root 36 0.0 0.0 0 0 ? S Apr27 0:10 [khungtaskd]
root 37 0.0 0.0 0 0 ? S Apr27 0:00 [oom_reaper]
root 38 0.0 0.0 0 0 ? I< Apr27 0:00 [writeback]
root 39 0.0 0.0 0 0 ? S Apr27 15:38 [kcompactd0]
root 59 0.0 0.0 0 0 ? I< Apr27 0:00 [kblockd]
root 60 0.0 0.0 0 0 ? I< Apr27 0:00 [blkcg_punt_bio]
root 61 0.0 0.0 0 0 ? S Apr27 0:00 [watchdogd]
root 64 0.0 0.0 0 0 ? I< Apr27 0:00 [rpciod]
root 65 0.0 0.0 0 0 ? I< Apr27 0:00 [kworker/u9:0-hci0]
root 66 0.0 0.0 0 0 ? I< Apr27 0:00 [xprtiod]
root 67 0.0 0.0 0 0 ? S Apr27 4:33 [kswapd0]
root 68 0.0 0.0 0 0 ? I< Apr27 0:00 [nfsiod]
root 69 0.0 0.0 0 0 ? I< Apr27 0:00 [kthrotld]
root 70 0.0 0.0 0 0 ? I< Apr27 0:00 [iscsi_eh]
root 71 0.0 0.0 0 0 ? I< Apr27 0:00 [iscsi_destroy]
root 72 0.0 0.0 0 0 ? I< Apr27 0:00 [nvme-wq]
root 73 0.0 0.0 0 0 ? I< Apr27 0:00 [nvme-reset-wq]
root 74 0.0 0.0 0 0 ? I< Apr27 0:00 [nvme-delete-wq]
root 78 0.0 0.0 0 0 ? I< Apr27 0:00 [DWC Notificatio]
root 79 0.0 0.0 0 0 ? I< Apr27 0:00 [uas]
root 80 0.0 0.0 0 0 ? S< Apr27 0:00 [vchiq-slot/0]
root 81 0.0 0.0 0 0 ? S< Apr27 0:00 [vchiq-recy/0]
root 82 0.0 0.0 0 0 ? S< Apr27 0:00 [vchiq-sync/0]
root 83 0.0 0.0 0 0 ? I< Apr27 0:00 [zswap-shrink]
root 87 0.0 0.0 0 0 ? I< Apr27 0:00 [sdhci]
root 88 0.0 0.0 0 0 ? S Apr27 0:00 [irq/47-mmc0]
root 90 0.0 0.0 0 0 ? I< Apr27 0:00 [mmc_complete]
root 93 0.0 0.0 0 0 ? S Apr27 0:00 [scsi_eh_0]
root 94 0.0 0.0 0 0 ? I< Apr27 0:00 [scsi_tmf_0]
root 95 0.0 0.0 0 0 ? S Apr27 4:52 [usb-storage]
root 96 0.0 0.0 0 0 ? S Apr27 10:12 [jbd2/mmcblk0p2-]
root 97 0.0 0.0 0 0 ? I< Apr27 0:00 [ext4-rsv-conver]
root 99 0.0 0.0 0 0 ? I< Apr27 0:00 [ipv6_addrconf]
root 126 0.0 0.2 37792 8580 ? Ss Apr27 14:34 /lib/systemd/systemd-journald
root 159 0.0 0.0 18604 3824 ? Ss Apr27 0:26 /lib/systemd/systemd-udevd
root 198 0.0 0.0 0 0 ? S Apr27 0:00 [vchiq-keep/0]
root 199 0.0 0.0 0 0 ? S< Apr27 0:00 [SMIO]
root 209 0.0 0.0 0 0 ? I< Apr27 0:00 [mmal-vchiq]
root 216 0.0 0.0 0 0 ? I< Apr27 0:00 [mmal-vchiq]
root 219 0.0 0.0 0 0 ? I< Apr27 0:00 [mmal-vchiq]
root 222 0.0 0.0 0 0 ? I< Apr27 0:00 [mmal-vchiq]
root 227 0.0 0.0 0 0 ? I< Apr27 0:00 [mmal-vchiq]
root 233 0.0 0.0 0 0 ? I< Apr27 0:00 [cfg80211]
root 242 0.0 0.0 0 0 ? S Apr27 77:35 [v3d_bin]
root 244 0.0 0.0 0 0 ? S Apr27 107:32 [v3d_render]
root 245 0.0 0.0 0 0 ? S Apr27 0:00 [v3d_tfu]
root 246 0.0 0.0 0 0 ? S Apr27 0:00 [v3d_csd]
root 247 0.0 0.0 0 0 ? I< Apr27 0:00 [brcmf_wq/mmc1:0]
root 248 0.0 0.0 0 0 ? S Apr27 0:00 [v3d_cache_clean]
root 251 0.0 0.0 0 0 ? S Apr27 0:00 [card1-crtc0]
root 255 0.0 0.0 0 0 ? S Apr27 2:03 [brcmf_wdog/mmc1]
systemd+ 341 0.0 0.1 22384 5552 ? Ssl Apr27 0:37 /lib/systemd/systemd-timesyncd
avahi 374 0.0 0.0 5936 3112 ? Ss Apr27 4:24 avahi-daemon: running [rpi4bmedia.local]
root 375 0.0 0.0 4312 2964 ? Ss Apr27 82:07 /sbin/mount.ntfs-3g /dev/sda1 /media/usbdisk2t -o rw,nosuid,nodev,uid=1001,gid=1001,user,exec
root 385 0.0 0.0 25500 3380 ? Ssl Apr27 2:31 /usr/sbin/rsyslogd -n -iNONE
root 386 0.0 0.2 63316 9400 ? Ssl Apr27 1:54 /usr/lib/udisks2/udisksd
message+ 387 0.0 0.0 6948 3880 ? Ss Apr27 27:58 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
avahi 388 0.0 0.0 5764 220 ? S Apr27 0:00 avahi-daemon: chroot helper
nobody 397 0.0 0.0 4316 2052 ? Ss Apr27 2:02 /usr/sbin/thd --triggers /etc/triggerhappy/triggers.d/ --socket /run/thd.socket --user nobody --deviceglob /dev/input/event*
root 401 0.0 0.0 10712 3684 ? Ss Apr27 1:15 /sbin/wpa_supplicant -u -s -O /run/wpa_supplicant
root 403 0.0 0.1 13124 5804 ? Ss Apr27 12:13 /lib/systemd/systemd-logind
root 409 0.0 0.1 11720 4476 ? SNs Apr27 0:03 /usr/sbin/alsactl -E HOME=/run/alsa -s -n 19 -c rdaemon
root 454 0.0 0.0 2132 48 ? S Apr27 0:00 /usr/bin/hciattach /dev/serial1 bcm43xx 3000000 flow -
root 456 0.0 0.0 0 0 ? I< Apr27 0:00 [kworker/u9:2-hci0]
root 499 0.0 0.1 39032 7060 ? Ssl Apr27 2:36 /usr/lib/policykit-1/polkitd --no-debug
root 516 0.0 0.0 9524 3412 ? Ss Apr27 0:00 /usr/lib/bluetooth/bluetoothd
root 517 0.0 0.1 11200 4104 ? Ss Apr27 3:05 wpa_supplicant -B -c/etc/wpa_supplicant/wpa_supplicant.conf -iwlan0 -Dnl80211,wext
root 605 0.0 0.0 2964 1864 ? Ss Apr27 0:47 /sbin/dhcpcd -q -w
root 606 0.0 0.0 4452 2208 ? Ss Apr27 0:00 /usr/bin/vncserver-x11-serviced -fg
root 608 0.0 0.3 189100 14860 ? Ss Apr27 16:32 php-fpm: master process (/etc/php/7.3/fpm/php-fpm.conf)
root 610 0.0 0.2 28044 9560 ? Ss Apr27 84:09 /usr/sbin/nmbd --foreground --no-process-group
mosquit+ 613 0.0 0.1 8876 5260 ? Ss Apr27 94:06 /usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf
root 615 0.0 0.3 34156 14180 ? Sl Apr27 47:22 /usr/bin/vncserver-x11-core -service
root 626 0.0 0.0 5584 1904 ? Ss Apr27 0:00 /usr/sbin/vsftpd /etc/vsftpd.conf
root 632 0.0 0.0 0 0 ? I< Apr27 0:00 [cifsiod]
root 633 0.0 0.0 0 0 ? I< Apr27 0:00 [smb3decryptd]
root 634 0.0 0.0 0 0 ? I< Apr27 0:00 [cifsfileinfoput]
root 635 0.0 0.0 0 0 ? I< Apr27 0:00 [cifsoplockd]
root 636 0.0 0.0 0 0 ? I< Apr27 0:00 [cifs-dfscache]
root 638 0.0 0.1 10688 5660 ? Ss Apr27 1:48 /usr/sbin/sshd -D
root 645 0.0 0.2 51468 8036 ? Ss Apr27 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 660 0.0 0.2 189272 10304 ? S Apr27 0:16 php-fpm: pool www
www-data 661 0.0 0.2 189272 10672 ? S Apr27 0:16 php-fpm: pool www
gottsch 662 0.0 0.0 6032 3044 ? Ss Apr27 0:00 vncserver :1 -geometry 1280x1024 -depth 24
root 666 0.0 0.1 17160 7080 ? S Apr27 0:00 /usr/bin/Xvnc -rootHelper 1001 4
root 667 0.0 0.4 45016 16584 ? Ss Apr27 1:56 /usr/sbin/smbd --foreground --no-process-group
root 677 0.0 0.1 41240 5168 ? S Apr27 0:21 /usr/sbin/smbd --foreground --no-process-group
root 679 0.0 0.1 41244 5148 ? S Apr27 0:21 /usr/sbin/smbd --foreground --no-process-group
gottsch 685 0.0 0.0 6544 3296 ? S Apr27 0:00 /usr/bin/dbus-daemon --session --nofork --address=unix:path=/tmp/.vnc-1001/run/session-747d3cc35f83483e/bus --nopidfile --nosyslog
gottsch 687 0.0 0.1 351656 6648 ? Sl Apr27 9:52 /usr/bin/pulseaudio --daemonize=no
gottsch 689 0.0 0.0 1936 376 ? S Apr27 0:00 /bin/sh /etc/vnc/xstartup
rtkit 696 0.0 0.0 23184 2140 ? SNsl Apr27 3:12 /usr/lib/rtkit/rtkit-daemon
root 697 0.0 0.1 45004 6696 ? S Apr27 2:25 /usr/sbin/smbd --foreground --no-process-group
gottsch 702 0.0 0.4 38316 15856 ? S Apr27 1:54 /usr/bin/vncserverui virtual 14
gottsch 711 0.0 0.2 50300 10932 ? Sl Apr27 1:28 /usr/bin/lxsession -s LXDE-pi -e LXDE
gottsch 726 0.0 0.3 28036 15340 ? S Apr27 0:12 /usr/bin/vncserverui -statusicon 5
gottsch 744 0.0 0.0 4492 88 ? Ss Apr27 1:09 /usr/bin/ssh-agent x-session-manager
gottsch 756 0.0 0.1 39232 5976 ? Sl Apr27 0:00 /usr/lib/gvfs/gvfsd
gottsch 761 0.0 0.1 54504 5212 ? Sl Apr27 0:00 /usr/lib/gvfs/gvfsd-fuse /tmp/.vnc-1001/run/gvfs -f -o big_writes
gottsch 770 0.0 0.3 58340 14980 ? S Apr27 0:01 openbox --config-file /home/gottsch/.config/openbox/lxde-pi-rc.xml
gottsch 775 0.0 0.4 47408 18656 ? Sl Apr27 0:00 lxpolkit
gottsch 777 0.0 0.6 142960 25276 ? Sl Apr27 4:20 pcmanfm --desktop --profile LXDE-pi
gottsch 784 0.0 0.0 4492 92 ? Ss Apr27 0:00 /usr/bin/ssh-agent -s
gottsch 802 0.0 0.6 41576 27052 ? S Apr27 0:01 /usr/bin/python3 /usr/share/system-config-printer/applet.py
gottsch 823 0.0 0.1 26436 5152 ? Sl Apr27 0:00 /usr/lib/menu-cache/menu-cached /tmp/.vnc-1001/run/menu-cached-:1
gottsch 828 0.0 0.2 93712 9648 ? Sl Apr27 0:01 /usr/lib/gvfs/gvfs-udisks2-volume-monitor
gottsch 850 0.0 0.1 35924 4256 ? Sl Apr27 0:00 /usr/lib/gvfs/gvfs-goa-volume-monitor
gottsch 856 0.0 0.1 37492 4876 ? Sl Apr27 0:00 /usr/lib/gvfs/gvfs-gphoto2-volume-monitor
gottsch 861 0.0 0.1 51976 6328 ? Sl Apr27 0:01 /usr/lib/gvfs/gvfs-afc-volume-monitor
gottsch 869 0.0 0.1 35924 4424 ? Sl Apr27 0:00 /usr/lib/gvfs/gvfs-mtp-volume-monitor
root 874 0.0 0.0 3772 2324 ? Ss Apr27 1:25 /usr/sbin/cron -f
root 880 0.0 0.0 28676 1360 ? SLsl Apr27 3:29 /usr/sbin/rngd -r /dev/hwrng
root 899 0.0 0.1 46716 5932 ? Ssl Apr27 0:37 /usr/sbin/lightdm
gottsch 903 0.0 0.1 48784 6376 ? Sl Apr27 0:01 /usr/lib/gvfs/gvfsd-trash --spawner :1.4 /org/gtk/gvfs/exec_spaw/0
gottsch 958 0.0 0.1 26800 4264 ? Sl Apr27 0:00 /usr/lib/gvfs/gvfsd-metadata
root 1004 0.0 0.0 5616 2512 tty1 Ss Apr27 0:00 /bin/login -f
root 1125 0.0 0.1 7308 4216 ? S Apr27 0:00 /usr/bin/vncagent service 15
root 1175 0.0 0.1 29900 6232 ? Sl Apr27 0:01 lightdm --session-child 14 17
gottsch 1180 0.0 0.1 14692 7432 ? Ss Apr27 0:00 /lib/systemd/systemd --user
gottsch 1181 0.0 0.0 35392 2492 ? S Apr27 0:00 (sd-pam)
gottsch 1191 0.0 0.2 50364 11224 ? Ssl Apr27 0:00 /usr/bin/lxsession -s LXDE-pi -e LXDE
gottsch 1199 0.0 0.0 6540 3472 ? Ss Apr27 0:00 /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
gottsch 1223 0.0 0.0 4492 88 ? Ss Apr27 1:09 /usr/bin/ssh-agent x-session-manager
gottsch 1234 0.0 0.1 39232 5968 ? Ssl Apr27 0:00 /usr/lib/gvfs/gvfsd
gottsch 1239 0.0 0.1 53480 5240 ? Sl Apr27 0:00 /usr/lib/gvfs/gvfsd-fuse /run/user/1001/gvfs -f -o big_writes
gottsch 1251 0.0 0.3 57304 13848 ? S Apr27 0:00 openbox --config-file /home/gottsch/.config/openbox/lxde-pi-rc.xml
gottsch 1252 0.0 0.2 42956 10800 ? Sl Apr27 1:38 lxpolkit
gottsch 1256 0.0 0.6 119216 23692 ? Sl Apr27 0:00 pcmanfm --desktop --profile LXDE-pi
gottsch 1262 0.0 0.0 4492 92 ? Ss Apr27 0:00 /usr/bin/ssh-agent -s
gottsch 1267 0.0 0.0 4868 1044 ? S Apr27 0:00 xcompmgr -aR
gottsch 1280 0.0 0.6 41576 27212 ? S Apr27 0:00 /usr/bin/python3 /usr/share/system-config-printer/applet.py
gottsch 1285 0.0 0.2 363604 8752 ? S
ddclient in /var/log/daemon.log
/var/log/nginx/access.log
43.130.12.43 - - [17/Sep/2025:00:03:15 -0700] "GET / HTTP/1.1" 200 4541 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1"
3.87.232.175 - - [17/Sep/2025:00:05:21 -0700] "GET / HTTP/1.1" 200 4541 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
185.244.104.2 - - [17/Sep/2025:00:11:51 -0700] "PROPFIND / HTTP/1.1" 405 173 "http://67.160.240.135:443/" "-"
121.37.104.238 - - [17/Sep/2025:00:13:54 -0700] "GET /planets_2017/Jup_20170618_0412_txt.jpg HTTP/1.1" 200 76548 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
/var/log/nginx/error.log
/var/log/syslog
Failed root login attempts