Krydos

/home1/pnrxtx/public_html/saves/wc3/wc3.rar

Your account was resuspended for failure to take care of the malware problem during your allotted 24 hour period. The offending files have been deleted, and your account has been manually unsuspended. If you still see the suspended page then you should try clearing your browsers cache.

Just because you waited a few months and asked again doesn't make your site less illegal.

For some reason you've got your A record set to 199.34.228.58 on that domain which isn't going to work because that's not even a Heliohost IP. You can see your current A record with this link http://byrondallas.heliohost.org/php/tools/dns_records.php?domain=fieldstationkids.org&rec=A To find your account's shared IP address you just need to log in http://heliohost.org/ Then along the left side of the screen there is a box labeled stats. Click "expand stats" if you haven't already, and locate the header "shared IP address". The number next to that is what you need to use for your A record which your account is set by default to use unless you change it. You can use this link http://stevie.heliohost.org:2082/frontend/x3/zoneedit/advanced.html to delete the invalid records, and make sure all of your A records (except for localhost) have the IP address that matches what you found as your shared IP address, and localhost will be 127.0.0.1 Since the A record is 199.34.228.58 and your MX record is fieldstationkids.org then all emails to any address @fieldstationkids.org will try to go to whatever host 199.34.228.58 is, not Heliohost. Once you get the A records straightened out the mail should start working too. Let us know if you're having trouble getting the IP addresses straightened out.

Nope. addondomain.org is obviously not the domain we're talking about. Perhaps if you told us the actual domain you're talking about we could help you more.

I just checked and that account doesn't have brute force protection enabled currently, but it does clear itself over time so it might have been earlier when this topic was posted. Are you still having trouble connecting to FTP?

First of all, you're only allowed one account so if you create multiple accounts they will all be suspended until you pick one to use and the rest will be deleted. Second of all, if your account is suspended the only way to get it unsuspended is to post your username, domain, and server in this sub forum http://www.helionet.org/index/forum/81-suspended-and-queued-accounts/

Mail is working fine for me. Which web mail are you using? Horde, round cube, or squirrel? Or are you using a web mail you installed on your account yourself?

I'm guessing you hadn't logged on for 30 days so after your account was unsuspended for malware but before you had a chance to log in it got flagged as inactive and suspended once again for that. Anyways, your account is active now and it is also showing up as clean. Thank you for taking care of this.

Your account is showing up as clean now. Thank you for taking care of this. If you think the scanner is being overbearing you can report a false positive with this link http://cgi.clamav.net/sendvirus.cgi

If it helps, I just tested sending and receiving email on both Stevie and Johnny and all four messages arrived to their destinations within seconds of being sent. So email seems to be working fine. Have you checked all of your spam filters or tried sending to a different email address? My tests were done to and from a gmail address.

Your account caused the fifth highest load for today, not too shabby but it's really not that high of load. Certainly not high enough to get suspended for or anything like that. All accounts have unlimited bandwidth already so that can't be the problem. I checked Heliohost's overall bandwidth usage for all four servers and we're nowhere near our limit, nor have we been anytime in recorded history. I can safely assure you that is has nothing to do with bandwidth. I have to admit that I find it kind of odd that you're getting 503 errors though. I've never even seen a 503 error on any page on Stevie. Usually high load and a lot of visitors to a site will cause 500 errors not 503. Is there any particular page that is causing the 503? Does it happen only on php? Only on html? On both? Are you using some sort of CMS? Does this CMS or lack thereof have a history of throwing 503s? Usually 503 errors come from a page requesting a service that isn't available. For instance, on Johnny if someone tries to visit a java page while tomcat is offline they will get a 503 because apache is still online, but since tomcat can't process the script apache returns the error that the "service isn't available." Php service will always be available. It's possible that if you're getting a 503 error on php if the script takes too long to execute. Since this is shared hosting we limit things like number of processes, script execution time, and maximum memory usage. If this is the case then you should rewrite your site to execute faster or use less memory, or whatever the problem is. Maybe this link wll help? http://stackoverflow.com/questions/8202002/long-computation-in-php-results-in-503-error

Your account should be unsuspended now, but keep in mind that this is a temporary unsuspension. You have access to log into cPanel and FTP to delete/edit your files, but the suspended page will still show to visitors to your site. You have 24 hours starting at the time of this post to clean your account of any and all copyrighted/pornographic content or your account will be resuspended. Failure to adequately clean your account of all disallowed content will result in a permanent suspension. Once you feel that everything is cleaned up to comply with our Terms of Service you may edit your root .htaccess to remove the suspended page from your site.

Yep, with over 20,000 accounts currently hosted on our servers and a staff of unpaid volunteers we definitely don't manually look at each and every account. Here is what the automated scan found. /home/pirsquar/public_html/spoofmails.txt: HTML.Phishing.Auction-19 FOUND /home/pirsquar/public_html/techniques.html: Exploit.URLSpoof.gen.2 FOUND I did glance through those two files briefly and your story seems to check out. However, no matter what your intentions are if your site triggers the automated scans it will be suspended, and we're not going to make exceptions or set it not to scan certain sites but not others. In fact, my own personal sites and all the Heliohost staff are subject suspension just as much as any other user. My suggestion is to try to present your examples in a way that won't trigger the automated scans. Your account is unsuspended now, and if you would like us to check your site once you have edited/deleted the files to see if it is still triggering the suspension script just let us know. By the way on a more personal note, thanks for trying to educate people about online scams. The automated scans and suspensions are Heliohost's way of educating people about malicious software, phishing, and cleaning up the internet too so we're on the same side in that regard.

Your password has been manually reset, tested, and emailed to your contact email address. Let us know if you're still having trouble logging into your account.

The reason we suspend accounts is because they are crashing the server. It's not fair for one site to hog all the system resources causing all the other 10,000 accounts to load slowly or not at all. We don't suspend accounts just to screw with you, or to force you to post on the forums. It doesn't seem to me like you understand this. Your account has been crashing Stevie on and off for months. If an account owner seems to be taking steps to fix the problem we might decide to give them extra chances, but in your case it seemed like nothing ever changed. Maybe I'm wrong, or I've gotten the wrong impression but it seemed to me that your plan was just to crash the server over and over and each time you got suspended for it, "No big deal, I'll just post on the forum again before I need the site to be working again." Yes, you did ask once on a topic that was already flagged as solved what the problem was, but it's not our responsibility to redesign your site for you. I'm sorry I and the other admins missed that question, but it really doesn't take an administrator to figure out that php chat rooms cause massive amounts of load. In fact a lot of users planning on hosting a chat room will ask in advance if it's allowed because they know that chat rooms cause a lot of load and most free webhosting companies have them banned because of this fact. We're a community of volunteers providing a free service, and if you're going to take advantage of it or abuse it we will take out the offending accounts to provide better service to the majority of users. Furthermore, Ice IT isn't "refusing" to unsuspend your account because he doesn't like you or he's just a mean guy or something which seems to me to be your implication, but rather he's just following our standard policy of three strikes and you're out. Anyways, you should now be able to log into your account at http://heliohost.org/ to take a backup if you wish, but since this is your third suspension for high load your site will show 404, queued, or suspended for up to 24 hours.

Ok, the account tarun has been deleted and the typo in the contact email for the account tarungyp has been fixed. You should now be able to reset your password by filling out the reset password box located here http://stevie.heliohost.org:2082/ Let us know if you're still having trouble logging into your account.

Your account was suspended for the following reason: Malware. 1 file(s). PHP.Shell-42 FOUND That means that there are some malware files found on your account. For your safety and to protect your website from potential further corruption the account has been suspended. To find the infected files we recommend making a backup of your site, download the backup file to your computer, and scan the backup using a reputable virus and malware scanner. If you're having trouble locating the offending files please ask and we can provide more information. If you are you certain that it is a false-positive, we strongly encourage you to file a false positive form here: http://cgi.clamav.net/sendvirus.cgi Your account should be unsuspended now, but keep in mind that this is a temporary unsuspension. You have 24 hours starting at the time of this post to clean your account of any and all malicious files or your account will be resuspended.

Your account was suspended for the following reason: Malware. 7 file(s). Trojan.Linux.RST.b FOUND That means that there are some malware files found on your account. For your safety and to protect your website from potential further corruption the account has been suspended. To find the infected files we recommend making a backup of your site, download the backup file to your computer, and scan the backup using a reputable virus and malware scanner. If you're having trouble locating the offending files please ask and we can provide more information. If you are you certain that it is a false-positive, we strongly encourage you to file a false positive form here: http://cgi.clamav.net/sendvirus.cgi Your account should be unsuspended now, but keep in mind that this is a temporary unsuspension. You have 24 hours starting at the time of this post to clean your account of any and all malicious files or your account will be resuspended.

Your account is showing up as clean now. Thank you for taking care of this.

Here's your hint: /home1/kdevdata/public_html/airlines/hq/cpx.php /home1/kdevdata/public_html/airlines/hq/petx.php

Well, you're only allowed to have one account so which do you want to keep and which do you want to have deleted?

Your account is showing up as clean now. Thank you for taking care of this.

Your account was suspended for the following reason: Malware. 2 file(s). PHP.Hide FOUND That means that there are some malware files found on your account. For your safety and to protect your website from potential further corruption the account has been suspended. To find the infected files we recommend making a backup of your site, download the backup file to your computer, and scan the backup using a reputable virus and malware scanner. If you're having trouble locating the offending files please ask and we can provide more information. If you are you certain that it is a false-positive, we strongly encourage you to file a false positive form here: http://cgi.clamav.net/sendvirus.cgi Your account should be unsuspended now, but keep in mind that this is a temporary unsuspension. You have 24 hours starting at the time of this post to clean your account of any and all malicious files or your account will be resuspended.

You're probably not getting password reset emails because you typed your email address with @gmaill.com (two L's) I would assume that was a typo and fix it for you, but there is already an account with a similar username listed with the same email account @gmail.com that was created about a month prior to the account in question and has been inactive since November. Are both of these accounts yours?