Krydos

Tommy is now back online and running! Since Tommy was powered off uncleanly there was quite a bit of corruption for anything that was being written to the disk at the time of the power loss. Most of it has been cleaned up, but there may be some issues here and there that still need to be fixed. The hard drive had it's partition table corrupted so we had to rebuild all of those. The XFS partitions had unwritten log data so we had to mount each one to write the log data to disk, then unmount them again, and run xfs_repair on each partition. Since the master boot record was corrupted we had to reinstall grub2 on the disk. The initramfs was corrupted too so we had to rebuild that as well. Then the main Plesk database uses InnoDB engine which always breaks whenever there is any sort of unclean shutdown, so we had to fix each table one by one until Plesk would run. The Apache config files and Nginx config files had a couple vhosts that were corrupted so that had to be fixed before they would boot up. Anyways, everyone's websites should be online now and you should be able to login. Please report any errors that you see so we can fix them. If you have an InnoDB database you might need to back it up, drop it, and import it back in. There isn't really any way to repair it otherwise. We still and always have recommended MyISAM tables for this reason.

A password reset link has been emailed to you.

A password reset link has been emailed to you.

65.19.141.67

The hackers could be reading this forum so it's probably not a good idea to give them a roadmap on how to get around our security improvements, but we learned a lot from this experience and we'll do everything we can to prevent it from happening again. Anything that is connected to the internet is potentially hackable. The only way to make a system 100% secure is to unplug it from the internet, but then you still have to worry about someone physically accessing the system. We spent an hour on Saturday discussing this at the staff meeting, and what we can do to prevent it from happening again.

Remote access enabled.

Did you read this news post? Or did you read this news post that you replied to? Since you're on Tommy, and the Tommy server is down, it makes sense that you would get no response from the server, and your website can't be reached. When Tommy is back up we'll make a news post to let you know.

I'm working on several things at the same time. Getting Tommy Plesk back online is my top priority, but while long running commands are going for hours I work on other things in between rather than just staring at the progress bar slowly go to 100%

Added. It should start working in about 40 minutes.

Deleted.

Please welcome our newest staff member, Kairion! He's been helping out quite a bit on Discord and on the forums over the last few years, so we decided to offer him a promotion so he can help out even more. If you're interested in volunteering for HelioHost too just do the same thing that Kairion has done and we'll notice and maybe offer you a promotion too. The worst way to get promoted is to ask for a promotion. The best way to get promoted is to just help without asking for anything in return.

The way I see it the internet is basically like the wild west of the US from back in the day. If you're not familiar with the wild west term, basically lawlessness was rampant, and bank robbers, train robbers, and highwaymen were extremely common. Everyone carried a gun to protect themselves because it was too big of an area to have enough sheriffs and deputies to protect everyone. Eventually we got it under control though and there are hardly any bank robberies or anything like that anymore. Eventually the internet will be better protected and criminals will become less common. Part of the problem is VMWare writing extremely buggy software with thousands of vulnerabilities.

Yeah, I only got 5 hours of sleep, and started working on it again this morning.

The HelioHost staff have been working tirelessly for the last 12 hours, and we're happy to announce that we've already completed the repairs on heliohost.org, and we have both nameservers running again. The next step is getting Tommy back online. We're going to let the backup run through the rest of the night and we should be able to get Tommy powered on sometime tomorrow as long as everything goes well.

Generally mail servers retry for 4 or 5 days before giving up entirely, but there isn't a rule that says you have to try for a certain number of days, so each sending mail system may have a different limit. Yes, if the email can't be delivered at all the sender should receive a bounce back message saying their message wasn't delivered, but again it might depend on which mail service they're using to send the mail. So if Tommy comes back online tomorrow or the day after you will probably not lose any mail, but it won't all show up as soon as the server comes online because the longer the server is down the less frequent the sending mail server will try. For instance, one failure means they will retry in 30 minutes or so, but after 24 hours of failures they may only try once every 4 hours. Once again all of these numbers are determined by the settings on the sending mail server, and there are no rules saying they have to do it a certain way. Another thing you could consider is setting up a free Zoho account, or another free mail hosting service, and changing your MX records on your domain. When the sending mail server retries they will see the new MX record and send it to Zoho or whoever you use instead.

The main thing I did was increase the fast_cgi time limit to 300 as well. Apparently changing the PHP execution time limit isn't enough. Even after getting all the time limits set it took a couple tries to get it installed though. If you haven't seen the latest news It might be a few days before we can get your website back online. We'll try to get it fixed as soon as possible. Keep an eye on the news page for the latest updates.

Due to the recent news it may take a couple days before we can complete the wipe and reinstall because we're going to be extremely busy cleaning this whole mess up.

A few hours ago our server named Eddie was hacked. This has also affected and caused downtime on Tommy Plesk, Tommy cPanel, Cody, one VPS, one of our nameservers, and certain functions on heliohost.org. Our forums, Johnny, Ricky, and the rest of the VPS are unaffected. Johnny users won't be able to login through heliohost.org for now, but if you go directly to https://johnny.heliohost.org/ you can login that way. We have already taken steps to prevent our other servers from being hacked too. We will be fixing heliohost.org first, our nameserver second, Tommy Plesk third, and Tommy cPanel last. We're hopeful that we can get this work done in the next few days. In the meantime you won't be able to create new accounts on Johnny, Tommy, or VPS plans until heliohost.org is fixed. You won't be able to transfer existing Tommy cPanel accounts to Plesk either. We have no reason to believe that password hashes or any other data has been accessed, but it's a good idea to change your password occasionally anyways just to be safe. We'll keep you updated on the recovery status.

Would you like to use your free wipe and rebuild then or?

I know why you're frustrated. That wasn't easy software to install. After fiddling with it for quite a while I managed to get it installed. I didn't know what type of products you're planning on selling so I just set it to the top option, but I'm sure you can change the name of the store and everything now that it's installed. I emailed you the password and database settings. Let us know if you need help with anything else.

The best fix is to switch to MySQL or PostgreSQL. Not only do they provide much better performance, you don't have to worry about file and directory permissions and disk io. If you insist on using SQLite for some reason you'll have to deal with version 3.7.17 because it can't be upgraded to anything newer. Another option if you refuse to use MySQL or PostgreSQL and need a newer version of SQLite is you could switch to a VPS plan where you could install any version you want, but that starts at $4 per month.

Installed. Here is the current list of installed modules and versions aiohttp==3.8.3 aiosignal==1.3.1 aniso8601==9.0.1 appdirs==1.4.4 asgiref==3.5.2 async-timeout==4.0.2 attrs==22.1.0 Babel==2.11.0 beautifulsoup4==4.11.1 blinker==1.5 bs4==0.0.1 bson==0.5.10 certifi==2022.12.7 chardet==4.0.0 charset-normalizer==2.1.0 click==8.1.3 cssselect==1.2.0 discord==2.1.0 discord.py==2.1.0 Django==4.1.1 dnspython==2.2.1 fake-useragent==1.1.1 Flask==2.2.2 Flask-BabelEx==0.9.4 Flask-JWT-Extended==4.4.4 Flask-Login==0.6.2 Flask-Mail==0.9.1 Flask-Principal==0.4.0 Flask-RESTful==0.3.9 Flask-Security==3.0.0 Flask-SQLAlchemy==3.0.2 Flask-WTF==1.0.1 frozenlist==1.3.3 greenlet==2.0.1 idna==3.3 importlib-metadata==6.0.0 itsdangerous==2.1.2 Jinja2==3.1.2 lxml==4.9.1 mailjet-rest==1.3.4 MarkupSafe==2.1.1 multidict==6.0.3 mysql-connector-python==8.0.31 mysqlclient==2.1.1 parse==1.19.0 passlib==1.7.4 Pillow==8.2.0 protobuf==3.20.1 psycopg2==2.8.6 pyee==8.2.2 PyJWT==2.6.0 pymongo==4.2.0 pyppeteer==1.0.2 pyquery==2.0.0 python-dateutil==2.8.2 python-dotenv==0.21.0 pytz==2022.2.1 requests==2.28.1 requests-html==0.10.0 six==1.16.0 soupsieve==2.3.2.post1 speaklater==1.3 SQLAlchemy==1.4.43 sqlparse==0.4.3 stripe==2.58.0 tqdm==4.64.1 urllib3==1.26.11 w3lib==2.1.1 websockets==10.4 Werkzeug==2.2.2 WTForms==3.0.1 yarl==1.8.2 zipp==3.11.0

Well, one thing that I noticed is according to the documentation https://docs.thirtybees.com/installation/ this software supports PHP 5.5 through PHP 7.1 and you're trying to use PHP 8.1. Does it work if you use a supported PHP version?