All Activity

Yeah, my brother told me something about that after I submitted my request, how do I switch back to 24, do I have to request a rebuild or something? It's not really urgent I use hestia, I do know enough command line to install a web server and host a simple site without a control panel.

Yes, I can access it now, thanks.

Since there had been no response for over a week I was checking in on this one, and noticed that you requested reverse DNS for VPS12 to be set to tkcsplace.moe. I missed that the first time somehow, but it's set now. Let us know if you need any help with the DKIM, SPF, and DMARC. Since you are using external DNS you have to actually set the records yourself since we can't login to your Porkbun account, but we may still be able to offer advice if you're having trouble.

I have started your account reset. Prior to the reset I made a full backup which you can download from https://heliohost.org/backup if you need any of your previous files. You should have received an email from no-reply@heliohost.org (not this email) with a link to take the next step in the reset process.

We had a ton of bots attacking our wiki the other day, and just kept blocking more and more IPs until the server was usable. Unfortunately it looks like a lot of legitimate users ended up being blocked as well. Thanks for reporting the block. Are you able to access the wiki now?

It's probably going to be a few months if not a year before Hestia support Ubuntu 26. When Ubuntu 24 came out in April 2024 I don't think Hestia officially supported it until early 2025, but we did have a few people on Ubuntu 24 running the beta version of Hestia for a while in October 2024 or so. If you want to use Hestia you'll either need to switch back to Ubuntu 24 or wait a few more months.

Username: silvereu, Server: Morty2, Main domain: silveredits.helioho.st reset my account please

You're having so much trouble with this email thing that I started to think something was wrong with our email system. I checked the headers of your emails manually, and sure enough the reply-to header is still set to gentil@quevvy.com. We've been using this same email system since 2017 or so and it's never taken anyone more than 1 try to send us an email from the correct email address. Since you're really struggling with sending emails in addition to a lot of other really basic stuff I'm going to go ahead and waive our "verify email address" policy this one time and reset your account for you. Let us know if you need help with anything else.

This support request is being escalated to our VPS admins.

This support request is being escalated to our root admins.

Hello! As you have already been told before: You must send your support request from the email address on the account in order for it to be reset. Providing the email address in the body of the email is not sufficient. The email must actually be sent from that mailbox to prove that you control the associated email address. If you are no longer able to send emails from the email address associated with your HelioHost account, you could change your email address in Plesk so we can accept reset requests from this email address too. Thanks!

Hello! As you have already been told before: You must send your support request from the email address on the account in order for it to be reset. Providing the email address in the body of the email is not sufficient. The email must actually be sent from that mailbox to prove that you control the associated email address. If you are no longer able to send emails from the email address associated with your HelioHost account, you could change your email address in Plesk so we can accept reset requests from this email address too. Thanks!

Username: N/A, Server: N/A, Main Domain: N/A Hello, HelioHost Support I want to restart my account and Start over Username: gentillenoir075 Plan: morty E-mail: gentillenoir075@gmail.com Thanks

Username: N/A, Server: N/A, Main Domain: N/A Hello, HelioHost Support I want to restart my account and Start over Username: gentillenoir075 Plan: gentillenoir075@gmail.com E-mail: gentillenoir075@gmail.com Thanks

Hello! To restore your account backup, you would need to first extract the files from the backup, and then manually upload files back to your account. Plesk's "restore" function will not allow you to upload your entire backup back to Plesk. For more information on how to extract your files from the backup, please see this page in our Technical Documentation Wiki: https://wiki.helionet.org/Account_Backups Once extracted using the steps in the Wiki, you would then re-upload the files to the related folders inside your account (website files go into httpdocs on a main domain, etc.) Please let us know if you have any questions or if you get stuck on any of the extract/restore steps. Thanks!

Username: jumonjii, Server: Johnny, Main domain: funstuff.heliohost.us Hello - I tried to upload the backup to my account but plesk said it couldn't and it contact the host. - Chris

While you're working on figuring out how to send an email from your gmail address I took a look at your storage usage: Backups 0 MB Emails 0 MB Files 1001.69 MB Trash 0 MB Logs 13.74 MB PSQL 0 MB MariaDB 36.82 MB Total 1052.25 MB 260M /home/gentillenoir075.helioho.st/httpdocs 12K /home/gentillenoir075.helioho.st/.ssh 77M /home/gentillenoir075.helioho.st/git 24K /home/gentillenoir075.helioho.st/.nodenv 62M /home/gentillenoir075.helioho.st/.npm 8.0K /home/gentillenoir075.helioho.st/private 251M /home/gentillenoir075.helioho.st/sitex.quevvy.com 291M /home/gentillenoir075.helioho.st/quevvy.com 0 /home/gentillenoir075.helioho.st/tmp 0 /home/gentillenoir075.helioho.st/var 29M /home/gentillenoir075.helioho.st/usr 12K /home/gentillenoir075.helioho.st/etc 0 /home/gentillenoir075.helioho.st/dev 16K /home/gentillenoir075.helioho.st/files_docker 4.0K /home/gentillenoir075.helioho.st/.config 35M /home/gentillenoir075.helioho.st/.cache 4.0K /home/gentillenoir075.helioho.st/.local It seems like the problem is you asked us to remove the sitex.quevvy.com domain, but you never deleted the files, and then you put all the same files into the quevvy.com domain thereby doubling the usage of that site. After deleting that duplicate sitex.quevvy.com directory for you your storage usage is at 802 MB out of 1000 MB. Now that you're under the 1000 MB limit you should be able to login again and your 503 errors are gone. If you need more than 1000 MB storage you can increase your limit at https://heliohost.org/dashboard/storage/ If you're no longer able to send emails from your gmail account for some reason you could always change your email address in Plesk so we can accept reset requests from this email address too. Let us know if you need help with anything else.

In regards to your original request, you must send your support request from the email address on the account in order for it to be reset. Providing the email address in the body of the email is not sufficient, the email must actually be sent from that mailbox to prove that you control the associated email address.

non-WordPress domain on this account) That's why I missed it...that domain has node instead. When I went through the domains, I saw that one had node enabled and just skipped over it, as I was focused on the WP stuff. Good news is that those files, while definitely malicious, likely would not have been able to run anyway since you had Node enabled (passenger redirects everything to node when enabled on a domain, so Apache never gets to run the PHP files). The interesting part is that the index.php is clearly meant for a nonexistent WP on that domain, and the mac.php looks like it may be the same or a very similar file to a file called bless24.php that was on the compromised lda.ng domain (I recognize this string from the top: xtamdxsirm from the other day).

Hello! As you've been advised on 14/06/2026 08:59, we cannot accept your attempts to set an ETA/SLA. For support response timelines (SLAs and ETAs), check: https://wiki.helionet.org/ETA All staff are unpaid volunteers who donate their free time outside of real-life commitments (paid job, school, family, etc.) so trying to say things like "Priority: 9/10, Urgency: 10/10" will not have an impact on the free time we have available to donate to Heliohost users. In fact, trying impose a deadline on unpaid volunteer staff can give a negative impression. Not all unpaid volunteer staff will work faster when someone tries to insist that they do. Not all unpaid volunteers will be pushed into hurrying because someone impatient says they should. All unpaid volunteer staff are free to choose who they assist, and not all of them will be pushed into hurrying if one user decides to claim they are more important than everyone else who needs help by trying to add a "9/10" in a request for help. Most for-profit hosting companies have a staff of full time employees who sit around providing support and working 40 hours a week. It's very rare for any of our volunteers to work more than an hour or so each day. None of our volunteers are required to log a certain number of hours and may come and go as they please. We run this organization in our free time, and if we don't have very much free time things don't get done very quickly. If we aren't having fun volunteering, providing support, chatting with the community, and developing new features then we take a break and do things that are more fun for us. This is why we don't have SLAs or ETAs for new features or repairs, and this is why things move a little slower than a for-profit company that you might be used to dealing with. Since all HelioHost staff are unpaid volunteers, so there is no guaranteed timeframe for a response to support requests. Our best efforts to respond within 24 hours can be impacted by several factors, including but not limited to: - Time zone differences (most staff are based in North America) - Work - School - Family - Other real-life commitments As I shared with you on 14/06/2026 08:59: We try to action all support requests within 24 hours however this is not a guaranteed timeframe. Thanks!

Updated and unsuspended. Your account may take up to 2 hours to function.

Apologies - I was not aware of these terms of service. The original email address I signed up with is now defunct. I think that may be what prevented you from changing it back - it wasn't any action taken by me. I have updated the email address used in this forum to one that is not disposable - I hope this has automatically updated the email address in my account used for hosting If not, are you able to change the email address on the hosting account to the one on this forum account?

The files from your old account can be downloaded from https://heliohost.org/backup/

Username: heliogeorge, Server: Johnny, Main domain: heliogeorge.heliohost.us Good morning, I just now tried to recover my old account (heliogeorge), however, I can't find my website (heliogeorge.heliohost.us) anywhere, and the "files" directory appears to be empty. How can I recover them? -- Heliogeorge

Hi Wolstech, Following up on this thread; wanted to flag something I found while cleaning up after the recent incident, in case it's useful for your records. While reviewing my ngo.helioho.st site (a separate, non-WordPress domain on this account) I found two files that don't belong there: a heavily obfuscated backdoor named mac.php (last modified June 11, ~7:49 PM), and an injected index.php containing a remote-eval payload pulling from 63.141.235.34, plus a redirect to a suspicious shortened link, swiy.co/goodrich555 (modified June 13, ~7:07–7:12 AM). Both timestamps are before your review where you mentioned nothing looked suspicious outside lda.ng, so this looks like it's from the same intrusion window, just on a domain that isn't WordPress and may not have been part of that check. Tried backuing up existing WP installs like ths.helioho, but i encounter Host Build interrupts sue to things like allowed runtime and PHP max execution. I've already renamed both files to .infected to disable them and remove them from execution and I'm restoring a clean copy of that site myself. I'm not asking for another account-wide reset; this is contained and I'm handling it, but since I don't have shell access to search file contents across the rest of the account, Since this looks like leftover from the same incident rather than a new one, I wanted to flag it rather than sit on it. Would it be possible to do a targeted check for similar files on my other domains rather than a full account reset?-since the rest of the account otherwise appears unaffected. Happy to send over the exact file contents if that helps your scan. Thanks again for the help.