List of checks that you can perform on a linux server to try and figure out why it keeps going down

Disk Space:

df -h

(Make sure you have enough disk space)

Memory:

free -m

(Check you're not out of memory)

Processes / Load average

top (shift + m)
htop

(Check for processes that are taking up a lot of memory/CPU)

Apache errors

cat /var/log/apache2/error.log

(Look for 500 errors caused by erroneous code on the server)

High hit rate

grep MaxClients /var/log/apache2/error.log

(Check for MaxClients warningdamn in your apache error logs)

tail -f /var/log/apache2/access.log

(Check for bots/spiders) [You might need to lower your MaxClients settings]

Check recent logs

ls -lrt /var/log/

(the -lrt flag will show you the most recently modified files at the end)

Check your cronjobs

ls -la /var/spool/cron/*
ls -la /etc/cron*

(You might find your server is going down at a certain time, this could be result of a cronjob eating up too many resources)

Check Kernel Messages

dmesg

Check inodes

df -i

(Check inodes remaining when you have a disk that looks full but is reporting free space)

Install Systat for collective stats (cpu, i/o, memory, networking)

http://www.thegeekstuff.com/2011/03/sar-examples/

Determine how many apache threads are running (if you're not using mod_status)

ps -e | grep apache2 | wc -l

For DOS attacks: Start

Number of active, and recently torn down TCP sessions

netstat -ant | egrep -i '(ESTABLISHED|WAIT|CLOSING)' | wc -l

Number of sessions waiting for ACK (SYN Flood)

netstat -ant | egrep -i '(SYN)' | wc -l

List listening TCP sockets

netstat -ant | egrep -i '(LISTEN)'

List arguments passed to program

cat /proc/<PID>/cmdline

For DOS attacks: END