So, what to do if a customer has a server which is frequently crashing? Well, important things to check is open files, to look at all the users in /etc/passwd and substitute the username to check each of their cron jobs and check the files which are open using the apache process id.
This will help rule out a lot of common issues being seen on servers, and may even be of use for checking whether the server has been hacked.
netstat -ntulp for i in $(awk -F: '{print $1}' /etc/passwd); do crontab -l -u $i ;done lsof -p $(cat /var/run/apache2/apache2.pid) | grep log
This is a nice one liner, thanks to my colleague Aaron for providing this, well, actually it was so awesome I stole it 😛