Krydos

There's quite a bit of stuff that you didn't delete yet.

It looks like metals was the first wordpress hacked externally, and then he used a scanner on that account to look for other wordpress installs. If you don't remember metals was the account that was causing massive issues on Tommy and was banished to Johnny for quite a while because of it.

There you go https://secege.heliohost.org/test.jsp I also moved your deployed servlet to https https://secege.heliohost.org/HelioSecureRest/ but if you deploy a new .war it will likely revert back to http as the deployment script only deploys to non-ssl.

If your account was affected please delete everything in public_html and restore from a backup that is known to be good, or better yet start over without using wordpress at all.

That error is likely because an httpd.conf rebuild was already in progress. Cpanel locks the file so multiple scripts can't try to edit it at a time, and generally the script that doesn't own the lock tries for 300 seconds and then errors out. Since there are so many virtualhosts on Johnny it definitely takes more than 300 seconds to do a full httpd.conf rebuild. Everything seems to have straightened itself out on its own though. Let us know if your site still isn't working for you after you clear your browser cache and flush your os dns records. It's loading fine for me.

You can delete your entire cpanel account and recreate it if you want.

Just use cmh. You said it works.

Which is the spam account then? I'm trying to find the full text, including headers, from a message that was routed incorrectly.

There you go http://ejweb.tk/test.aspx

I'm not seeing any email at all on that account. Did you delete it all already?

Do your stored procedures work if you use the mysql user cmh?

You scribbled out the one piece of information I needed from that screenshot. Is it info@?

Postgis extension has been created on the database alank_backloader.

No, you may not have access to view/modify/delete everyone's databases on the entire server. I can run the command for you though. Remote access enabled.

Does postgis work now? We'll need to know what user and database you want remote access from.

Tommy is on django 1.11.6 https://krydos.heliohost.org/cgi-bin/modules36.py and we're not going to be downgrading to 1.9.

There you go https://krydos2.heliohost.org/cgi-bin/modules36.py

/home/alirezac/public_html/poinno.com/index.php It's wordpress causing the issue. No one is surprised. Probably 95% of our high load suspensions come from wordpress. As an example Maicol07 was recently having tons of issues with high wordpress load as well, and when we finally convinced him to ditch it he went from #1 load to #40 with the same amount of traffic. You won't find many wordpress fans in these parts. Please fix it. Unsuspended.

Well, that's bizarre. The index.jsp file is showing up on the server now, but it still gives the 404 error. I would recommend starting a new project with a different name in Eclipse like Wolstech suggested and see if it has the same problem.

In the servlet guide you have to manually create it too: Source: https://wiki.helionet.org/Java_Servlet

We can test it on your account if you want? I could edit your last logged in date and you can try logging in various ways. Let me know if you want to try. I suspect it was just a fluke. Perhaps the communication between Tommy and Cody was temporarily disrupted. The script that updates the last login date has no fallback if there is an error, nor does it test to see if the last login date was actually updated. It just sends one request to update the last login and then goes about it's business doing other things. If there were a lot of people having this issue I would be a lot more concerned. Most people that have issues with their login dates counting are logging in with a url like tommy.heliohost.org:2083/sess0000/frontend/paper_lantern/something/that/ends/in.html which will never work. Maybe Wolstech can recall if anyone has had an issue with https://www.heliohost.org/login/ before?

I just tested logging in on a Tommy account at https://www.heliohost.org/login/ and it updated the last login date.

The main issue is a DDoS attack http://heliohost.grd.net.pl/monitor/archive/?2018-07-11 but the high load from the attack seems to have crashed apache as well. I've got apache running again. Hopefully the DDoS attack has ended too.

If your email had this link in it it means you missed the warning email and your account was already suspended for inactivity. The two day warning email links to https://www.heliohost.org/login/

There is still nothing on the server.