smartmc

Ty!

My IP got blocked because I think I forgot to disable my email account on my phone. Can someone fix that please.

Username is Terra

I think there's some stuff Krydos can try, but we're gonna see if it subsides first most likely. We're not even sure it's the same attacker, but it's reasonable to believe so considering the attack started within 24 hours of Johnny being pulled for maintenance.

 

Good news is that Tommy is beefy enough that he doesn't just collapse from the load caused by Apache and the firewall trying to block it. Apache is overwhelmed by the botnet, but everything else on him should be working just fine. cPanel, FTP, and email are up. Just the actual web server that isn't. Johnny on the other hand couldn't handle the load and basically folded under pressure.

Well, I wish you luck guys! I assume you can't use cloudflare because of the way domains are managed, but it would be good idea if possible

The ddos that was hitting Johnny for the past 3 weeks is now hitting tommy instead since Johnny was taken down for maintenance.

Wow. That must suck. Surely you guys have some form of mitigation?

Will be sent shortly  Waiting on your old account to remove its domain...

 

EDIT: Sent

Recieved. Thanks for the help!

My account "smartmc"

recently got suspended due to the recent anonymous fox hack and I lost access.

Could I please be sent a new invite for the tommy server?

 

My old account can be deleted, as I cannot access it anymore and will have no use for it

You'll have to use your latest backup.

I can't access my backups because cpanel is down

Hullo?

I assume this is because of the WordPress hack, because I use it on my site. I'm perfectly happy to create a new account if necessary, but would it be possible to download everything in my ~/html/telebots directory? I can't access the cpanel to download the code from there.

 

Server: Tommy

Domain: mcterra.cf

Username: smartmc

I'd bet it has to do with the cert nearing expiration, especially if it just recently started. I know AutoSSL certs are usually renewed/replaced once they're <14 days from expiration...

 

Try renewing your certificate and see if a fresh one still does it.

Refreshed my cert, problem fixed!

Thanks for the help!

I'd bet it has to do with the cert nearing expiration, especially if it just recently started. I know AutoSSL certs are usually renewed/replaced once they're <14 days from expiration...

 

Try renewing your certificate and see if a fresh one still does it.

Will give it a try and see what happens

Been having this issue for about a week, but it seems it won't be going away for the moment, so I'm making a post about it.

 

As the title implies, every 24 or-so hours, my ssl certificate from Let's Encrypt resets to self-signed. This is a pain (obviously), as it gives warnings to anyone who vists my site, and messes with my Telegram bot webhooks. I will point out that my SSL is close to expiry (about a week), but I don't see that this would be an issue.

Can you check your php version, because it's definitely disabled in php 7.2?

unless I'm very wrong, that's php 7.2, isn't it?

Is the warning gone now?

No, it's still there. I've tried a couple of things like using

ini_set('always_populate_raw_post_data', '-1');

but to no avail.

 

Edit:

Determined that the ini_set failed, probably because of server restrictions

Which version of php are you using?

Sorry for late reply, I believe I am running PHP 7.2 (ea-php72)

For a while now, I have been getting this error

[28-Jan-2018 00:19:44 UTC] PHP Deprecated:  Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in Unknown on line 0

I don't have access to the php.ini for my account, so I'd be great if you could disable that. I don't know if changing the setting applies to all users, but if so, I'll just suppress the warnings.

Thanks in advance

This is the worst advice. DO NOT download or install .deb's. it's rarely/never needed. Chrome is a exception, not a rule.

 

I agree, for one, there is no cryptographic verification going on when you download deb files, and also, handling dependencies is very time consuming.

APT does both these things automatically.

Great to hear, fellow internetter!

Just thought I'd make a post to outline some tips for email security.

I've noticed that emails sent to Hotmail/Outlook get moved to the spam folder automatically, even if you are not blacklisted.

 

The solution is to make sure you use SPF, DKIM and DMARC.

 

HelioHost has DKIM support built-in, in Authentication page in the Email section.

If you intend to use Cloudflare, make sure you have enabled DKIM before changing to Cloudflare's nameservers, to make sure the TXT DNS record with DKIM information is copied.

 

SPF is pretty easy, and can be setup from the Authentication page in the email section, and will be copied if you setup Cloudflare at a later date. You can, however setup SPF after moving to Cloudflare, as no keys are required.

 

DMARC, as far as I'm aware, is not officially supported by HelioHost, but setup isn't too difficult. You'll first need to create an email address for reports to be sent to, then you can either read up on the syntax and write your own DNS record, or use an online generation service. I recommend the former, as it will give you better knowledge of how the technology works. After you have crafted the record, simply add it to your DNS zone as a TXT record, either through HelioHost or another DNS provider if applicable.

 

Thanks for reading, let me know if you think I got something wrong

Good ol' Australia!

 

75x75

That one is small, but legible enough I think.

 

<ins data-revive-zoneid="7" data-revive-id="321e1cec4956204a54bd86da12deea5b"></ins><script async src="//krydos.heliohost.org/a/www/delivery/asyncjs.php"></script>

I do a bit of graphic design, so I might touch it up a bit in my free time

Hmm, I'll have to add one of these I guess

Just made this thread to say how much I appreciate the work and funds you guys put into running this service, and how much it has helped me as a student without the money to buy a paid service from a company like Hostinger.

 

It is your service that allows me to explore programming in PHP, HTML and much more. To date I've setup a couple of chat bots that do all kinds of things, like getting Google photos, urban dictionary definitions and much more. I wouldn't have been able to achieve this without the work you guys put in.

 

So for this, I say wholeheartedly, THANKYOU!