I was searching for problem, based on debian virtual server and ispconfig. There was high cpu load about 100%.
Finally were two problems.
1.st .xmlrrpc attack found in apache log
For fixing this issue just disable in .htaccess accessing file to attacker
nano /var/www/site.cz/web/.htaccess and
just add this line at the end of .htaccess
deny from all
allow from xxx.xxx.xx.xxx
you can allow it from known ip address and xx represents you ip address
on this virtual machine was also high cpu load because of plugin wp-security plugin
this verion of plugin due to error which requested writing some information into sql table made incredibly large error log
which is located based on ispconfig and debian 9 cat /var/www/yoursite.cz/log/error.log
after probing log file a and discovering error and deleting plugin was all working perfectly.