Self DOS attack by ignorant user

I have noticed a DOS attack on my server today. After thorough investigation I discovered that this was done by ignorant admin of one wordpress instance.

He set an RSS widget with URL of one of his own wordpress pages. This was not a valid RSS channel and widget displayed nothing but in effect each page request started an infinite loop of php scripts on server. The user request generated request to the page to check RSS which generated request to the page…

User did not notice anything special except slowdown of the server. But server worked hard for a few hours creating new and new cgi processess. Killing all cgi processes did resolve the problem only till the next visit to the site.