It’s likely dogfrog4 has been undergoing a “slow http” attack (sometimes known as the “slowloris attack” after one of the tools that does it).
We’ve spent quite a bit of time overnight recompiling the web server to add mitigation for this; the mitigation involves timing out requests and banning IPs that are generating slow attacks.
The symptoms we were experiencing yesterday were consistent with a slow http attack – webserver stops responding, load average low, occasional response from webserver, restart fixes the problem, etc.
We’re keeping a careful eye on the situation.
Last night an upgrade to cPanel on several of our servers caused the automatic creation of Auto-discover records throughout all sites hosted on these servers.
These Auto-discover records were created regardless of whether the sites email is hosted with us or hosted externally (Google Apps/Exchange); this caused pop-up messages to display to clients accessing email through our server asking them to update their email clients settings using the Auto-discover record, breaking their email.
We have rolled back these settings on one of our servers (dogfrog4/doc) to what they were set to before the upgrade and will roll back the settings on the other servers shortly; in the meantime we ask that all people still getting this message click on the ‘No” option and refuse to get there settings from the Auto-discover record.