halfercode

Heh, alright Krydos, I think I'll pass! I will fix manually instead.

Thanks for the info.

Ah, a bit more digging on this - it's the same with directories as well.

If I create a directory via cPanel, the permissions on it will be 755, and PHP files will run fine. If I correct the directory via SFTP, the permissions are 775, and any PHP files within will result in a 500 error.

Interestingly, that 500 error does not itself appear in the "errlog.html" error log page in cPanel.

(Thanks for moving the post, Luigi).

After a few little hiccups with logging in, I am now able to upload PHP scripts to my account. Woop!

However, when uploading via SFTP, I notice that the default permissions are 664, which gives group write access to my files. cPanel does not like that, and so bombs out with this error:

SoftException in Application.cpp:256: File "/path/to/script.php" is writeable by group

I suspect this is a default that I cannot change myself, other than modifying permissions per-file after I have uploaded them. I think the default should be 644, which works for me.

If the changes can be done and are per-user, my username is "halfer". However, it seems to me that this should be 644 for everyone.

Can this tweak be made, or is it group-write by default for a reason? Thanks!

Thanks wolstech, I am now in via SFTP - woop! Appreciate your help.

I managed to get some 500 Server Errors in cPanel, but I went back in via the Helionet entry page, and it seems OK for now.

Marvellous, thanks. I have your email, and I will try this tomorrow.

I blame the password generator in KeePassX for the lengthy passwords

Unfortunately I can't, since I need to know what cPanel thinks the password is in order to be allowed to change it. I have taken the first 18 characters of the working Helionet password, and it is still reported as wrong.

I don't specialise in infosec, but I've seen it in print that passwords should (these days at least) be allowed to go up to something large (128 chars) in order to avoid these sorts of truncation problems (or to avoid the worse situation of a user getting much less entropy than they think they are getting). But, cPanel is probably about ten years behind things

If you can force a password change for both systems and then PM it to me, that'd be another way to solve it. I can change it again then (assuming changing it will sync it in both places). However, if cPanel is this fussy, then I think the other system needs to be fussy as well...

Try it with only your username: halfer instead of halfer@johnny.heliohost.org.

That's the internals of FileZilla, not me - the username I used here was "halfer". Maybe there's an options panel to determine how that is sent...

Try changing your password to something <20 characters, no symbols. While there shouldn't be an issue, I did run into an issue a little while back on here that turned out to be caused by a password being too long. Also, be aware that the "additional accounts" options don't work with SFTP (you need to use plain unencrypted FTP on port 21 for these).

I think that might be it. Here is my reasoning:

My hugely complex password works on the Helionet login, but if I try to use that to change the cPanel password, it is not recognised (I have copy+pasted it directly from the browser, so I know it is right). It looks like my complex (generated) 40-char password is OK for your company first system, and not for cPanel. They have thus come out of sync. At a guess, I could sit here and try reducing the password length to 39, 38, 37 chars and so forth, but it'd probably be better tracing the bug. We don't want to punish people for using good passwords

I assume the reason I can get into cPanel in the first place is that I use the seamless login device from the first system, and I have never actually used a password to get in.

It's not the additional account thing btw - I am using the main account so I can use SFTP.

If you would like to just delete the halfer user from your systems, let me know when that is done, and I'll post the password I used, if you would like to try debugging. I'll sign up again with a shorter password!

Thanks. It was unblocked for a while, and I was able to get back into the cPanel. However, no such luck on SFTP, where I got some errors:

Error:	GnuTLS error -15: An unexpected TLS packet was received.
Error:	Could not connect to server

I made a substantial effort to dig out my cPanel password and put it into Filezilla, and after a couple of errors, I am back to "Too many authentication failures for halfer". My password is 40 chars long, and has all sorts of brackets and quotes - I doubt that would be it, but hey-ho. I don't normally have these issues - I am a software engineer looking for some hosts to recommend to folks looking for simple hosting.

So, if you have further suggestions I am all ears, but no rush. It sounds like the servers are melting already, and they do not need more users

OK, thanks wolstech. I just logged into https://heliohost.org/login/ which was fine, and from there hopped to cPanel via the automatic login link. Great! Must've been load issues before.

I'm still having issues with SFTP via SSH though, in FileZilla. I'm using username "halfer" to host "johnny.heliohost.org" and port "1373". I OKed a server cert fingerprint. I get logs like this:

Status:	Connecting to johnny.heliohost.org:1373...
Response:	fzSftp started, protocol_version=4
Command:	open "halfer@johnny.heliohost.org" 1373
Command:	Pass: ********************************
Error:	Server sent disconnect message
Error:	type 2 (protocol error):
Error:	"Too many authentication failures for halfer"
Error:	Could not connect to server
Status:	Waiting to retry...
Status:	Connecting to johnny.heliohost.org:1373...
Response:	fzSftp started, protocol_version=4
Command:	open "halfer@johnny.heliohost.org" 1373
Command:	Pass: ********************************
Error:	Server sent disconnect message
Error:	type 2 (protocol error):
Error:	"Too many authentication failures for halfer"
Error:	Could not connect to server
Status:	Disconnected from server
Status:	Connecting to johnny.heliohost.org:1373...
Response:	fzSftp started, protocol_version=4
Command:	open "halfer@johnny.heliohost.org" 1373
Command:	Pass: *****************************

Aha, I just revisited the Helionet panel, and got this:

The IP address 89.249.74.213 has been blocked for trying to log in to SFTP with the wrong password too many times. To prevent this from happening again in the future please make sure your username and password are saved correctly in your SFTP client. You won't be able to continue to cPanel until an admin unblocks you. To request that your IP be unblocked please visit [link]

Oops, and apologies. I pasted the password from my browser, so 99% sure it was right. Now cPanel isn't responding, presumably because of the block.

If you can unblock the IP, I will change my account password in cPanel, so I am 100% sure. Thanks!

(I wonder if my login failure count needs to be reset in the SSH server too?)

Hi there

I successfully logged onto the cPanel, but the SFTP seems to be denying me access. I tried this a few times, and got a "Too many authentication failures for halfer" in Filezilla (while connecting to johnny.heliohost.org:1373). Since then I have had trouble with cPanel on Jonny - either the login operation times out, or I get a "The login is invalid". It seems to be quite inconsistent in how it responds.

I have tried now around 15 times, so I expect I'm blocked. Also, I use a VPN as a matter of course, which may complicate things (I barely know it's there, but it gives me an exit IP usually somewhere in Europe).

If someone can give my account a kick, that would be most appreciated - I am keen to have a play. Thanks for setting up this project!