Kairion

Please let us know if it happens again.

On 2/10/2023 at 5:34 AM, infantex said:

I don't know whether I would have gotten the necessary records if I had run that command before creating (?) the records the way I did.

Also, I could never get the mail and webmail.infantex.com.mx addresses to work.

Unfortunately, mail hosting without having HestiaCP managing your domain DNS records demands some additional settings like I mentioned:

On 2/6/2023 at 2:15 PM, Kairion said:

Per HestiaCP default, your webmail should be accessible from the address webmail.infantex.com.mx, but you need to make sure your DNS hosting has an A record (named webmail) pointing towards your VPS' IP address (the same with MAIL, IMAP, SMTP, and POP)

HestiaCP could be more intuitive and user-friendly to show which records were needed to get everything working but as far as I could see on their forum they aren't exactly aiming to achieve that.

Anyway, I'm glad you're back on Tommy and everything is working now.

22 hours ago, infantex said:

It didn't work.

infantex@vps40:~$ sudo v-list-mail-domain-dkim-dns infantx infantex.com.mx
[sudo] password for infantex: 
sudo: v-list-mail-domain-dkim-dns: command not found

It looks like your HestiaCP bin directory isn't in your secure_path variable. You need to edit the /etc/sudoers file and add this path to it (can break your sudo command if you make any mistakes, so proceed with caution):

/usr/local/hestia/bin

Alternatively, you can simply run the following command:

sudo /usr/local/hestia/bin/v-list-mail-domain-dkim-dns infantx infantex.com.mx

In this way, sudo will know where to find HestiaCP's command v-list-mail-domain-dkim-dns to run it with root permissions.

Let me know if that works.

You're right, @juliano.

Once Tommy is back only there will be a news post about it.

Thank you for your understanding and patience.

This support request is being escalated to our root admins.

This support request is being escalated to our root admins.

Hello, @thorast.

As published on HelioHost news (you can check them on HelioHost's main website, on HelioNet's News section, and on social media, i.e. Facebook, Twitter, and Discord) we have an undergoing incident with Eddie, one of HelioHost's physical servers, which affected some of the virtual servers like Tommy.

You can get more details here:

And here:

We thank you for your patience and as soon as Tommy is back online we will make a post about it.

Hello @trenten.

Once Tommy is back online, its inactivity check will be disabled for seven days before accounts are taken offline for inactivity, giving you plenty of time to log in.

PS: The "Contact HelioNet" forum is for topics related to HelioNet (our community, also known as forums), as stated in its description. Any questions, concerns or other related matters regarding HelioHost features, functionality, and more should be posted in the "Customer Service" section. I've moved your topic there for you.

Hello, @gptcode.

There's nothing wrong with your account.

HelioHost has an undergoing incident as you can see on our news here:

And here:

As soon as Tommy is back online we will have a news post to let everyone know.

13 minutes ago, wolstech said:

It's an internal server component, I believe it's used for hosting nodejs (?) (might be django/flask but Python is just plain CGI to my knowledge...)

Yep, I did some search and it seems Plesk uses it for Node.js. Django/flask are both on WSGI as well as Python.

14 minutes ago, benmmonster said:

My issue resolved itself after some time. I did have Node.js process runing before my WP installation. That would explain it thank you

I'm glad it's working. Feel free to post if you need help with anything else.

16 hours ago, onesmusmuriithi said:

What steps are you guys taking to prevent this from reoccurring in the future, because it seems it will take a while for me and everyone to have access to their site/s.

(Customer reassurance is also very important for future commitment)

First I'd like to say that I'm answering this with my own opinion since (1) I'm not responsible for server management and (2) my opinions do not represent HelioHost or any other of its volunteers. That said, I do personally believe all volunteers will work as they always have done until now: with all diligence and technical knowledge that's possible.

Sadly 0-time exploits, bugs, and even attacks can happen in the future, and if anyone (either a person or a company, being free or paid) tells you they can assure you 100% they will prevent that then they aren't being honest with you. HelioHost can't and won't promise you something no one can, but I do believe all volunteers are committed to doing everything in their efforts to keep HelioHost and its mission going on.

On another note, HelioHost does have a somewhat similar situation's answer that could match your question as well on its FAQ:

https://wiki.helionet.org/faq#why-does-heliohost-crash

Hello, @benmmonster.

I'm accessing your site just fine on its main domain, opening a WordPress site.

Perhaps are you trying to access it with a custom domain? It may be possible it hasn't propagated, and thus you're not reaching your site on HelioHost but on your previous hosting.

I also haven't found anything mentioning "Phusion Passenger" on your site, and I'm pretty sure HelioHost doesn't use and/or provide it.

Could you please provide more information on what URL/address are you accessing and on what page are you getting that error?

16 hours ago, infantex said:

Since my DNS is hosted by Cloudflare, there's nothing under DNS. So no mail._domainkey record to copy from.

DNS page in HestiaCP image: https://screencast-o-matic.com/i/c0nifCVxC9n

My bad. You will find your DKIM on "Mail", hover your domain and click on DNS Records, it is this icon:

Make sure no other records are missing by comparing those with the ones on your Cloudflare dashboard.

16 hours ago, infantex said:

I found (https://forum.hestiacp.com/t/solved-invalid-signature-of-dkim/3028) that when using an external DNS service, you can use the `v-list-mail-domain-dkim-dns` command to query the correct records. However, it didn't work for me. I get an error:

infantex@vps40:~$ v-list-mail-domain-dkim-dns infantx infantex.com.mx
/usr/local/hestia/func/main.sh: line 1548: /usr/local/hestia/conf/hestia.conf: Permission denied
Error: user infantx doesn't exist
/usr/local/hestia/func/main.sh: line 100: /usr/local/hestia/log/error.log: Permission denied
infantex@vps40:

I have three users in HestiaCP: admin, infantx and zaldivar. The infantex.com.mx domain belongs to the infantx user, but I get the same error no matter which user I enter. I even tried with user infantex (the user I to log into my VPS with) to no avail.

The command is right but you have to run it with administrator permissions on your VPS, so you either log in as root on your VPS (usually it's disabled by default due to security concerns) or you need to run it with sudo. It should be like that:

sudo v-list-mail-domain-dkim-dns infantx infantex.com.mx

This command is the terminal version of the web steps I mentioned above.

16 hours ago, infantex said:

I used mailgenius to check it. DKIM turned out to be OK, but I was surprised to learn that both my domain (infantex.com.mx) and the VPS's IP (65.19.141.197) were blacklisted! Mailgenius report: https://app.mailgenius.com/spam-test/979562

However, upon checking https://check.spamhaus.org/, neither one appears to be listed. Should I research more on this subject?

I wouldn't worry about that "Mail Genius". They don't even have the current blacklist's name/site address. Probably they have outdated data and are still using it instead of checking directly on the source.

I checked with MX Toolbox (https://mxtoolbox.com/emailhealth/infantex.com.mx/), and everything seems fine with your domain (it isn't in any blacklists or have any other problems).

16 hours ago, infantex said:

By the way, the v-list-mail-domain-dkim-dns command still gives me an error.

Let me know if running with sudo worked.

On 2/5/2023 at 1:17 AM, infantex said:

Update: Configured the other infantex.com.mx email accounts in GMail, both reading (POP3) and sending (SMTP). Everything seemed to be OK, received several emails after configuring, so it seems to be working. Send an email and also worked... but it landed in spam. I may need to recheck my DMARC/DKIM/SPF configuration. The only thing I did was to add the VPS's IP to the SPF record, so now it reads: "v=spf1 ip4:65.19.141.77 ip4:65.19.141.197 ~all". I didn't change the DKIM record (I don't remember where I got the current value.)

Configured also mail for zaldivar.mx. SPF record for that domain is a little different, though: "v=spf1 a mx ip4:65.19.141.77 ip4:65.19.141.197 -all"

Still, no webmail (for any of the domains).

Your DMARC should be ok since it is per domain and not per server/per host. Your SPF, as wolstech said, is correct as well.

About your DKIM you can get it on your HetiaCP > DNS > Click on your domain > You will find a TXT record named "mail._domainkey". Edit it and copy its value and add it to your DNS hosting with the same name.

Per HestiaCP default, your webmail should be accessible from the address webmail.infantex.com.mx, but you need to make sure your DNS hosting has an A record (named webmail) pointing towards your VPS' IP address (the same with MAIL, IMAP, SMTP, and POP)

Finally, to try to know why your message was sent to spam it would be necessary to check its header. I'm guessing you sent a message to your own Gmail, right? If that is the case please open that message, click on the three dots, and then click on "Show original":

With the original message opened click on "Copy to clipboard", click on "Download Original" or just copy the entire text below the simplified header showed on that page and post it here (warning: message headers contain all data on your message, including your and your receiver's mail addresses, you can redact those for privacy before posting here).

Hello, @davidglz21a.

As requested, your Johnny account was deleted.

About your forum account, there is no need to delete it if you will create a new one. You can post on Contact HelioNet asking for your username to be changed to your new desired one. Although, if you still want it deleted, please make a separate post there asking for your forum account to be removed.

Hello, niemen.

HelioHost is currently undergoing an issue with some servers including Tommy, which is where your account is hosted.

You can check all the details here:

And here:

As soon as everything is back online there will be a post on News forum as well as all as on HelioHost site and social medias and you will be able to access your account again.

About your FTP access, an issue was found on FTP subaccounts and that could be your case so you should also check here:

When Tommy is back online let us know if you are still facing issues with your FTP access or your CMS' admin dashboard so we can help you.

Hello, @benmmonster.

Could you also please tell us which database user(s) will remotely access the database benmmonster_oc?

This support request is being escalated to our root admins.

Username: fasouza. Server: Tommy. Main domain: kairion.helioho.st.

Could you guys please add two additional SFTP users to my account?

They will be used on backup operations so I'd think it's better to have them limited to their respective backup folder instead of using my main SFTP account.

Usernames and passwords sent on HelioHost's Change Password page (https://heliohost.org/password/).

Usernames and their respective root directories:

• fasouza_fashost_keyhelp -> /fasouza/backup/fashost.eu.org/keyhelp/
• fasouza_fashost_fasouza -> /fasouza/backup/fashost.eu.org/fasouza/

Thanks 😊

22 hours ago, Krydos said:

Here's the link to set up the new subscription. https://heliohost.org/vps/pay/?code=ijNhHKePX5ttw587 Once it's set up post back here and I'll cancel the old subscription, and increase the memory.

Sorry for the delay. It's set up, thanks 😄

Username: kairion. Server: VPS67

Hello guys.

I'm running some services on my VPS besides hosting my site and as noted by Krydos on Discord I think I'll really need to get a memory upgrade.

I'd like to upgrade it for now to 2 GB RAM.

1 minute ago, allu62 said:

I'm not sure if this is a good idea. My whole system has been set up by Hestia CP, i.e. the Hestia installation program installed and default configured all servers. So, I think that you can say that Apache, etc "run on Hestia".

I don't see why it would be a problem. I mean all hosting control panels are like that: they install all the required softwares needed to run web hosting (Apache, PHP, MTA/MDA for mails, database servers etc.). Every web hosting control panel will install all of that, in fact that's the reason why before migrating to a different web hosting control panel you have to do a clean OS reinstall.

7 minutes ago, allu62 said:

Concerning the monitoring, I think that I will write a Perl script that periodically checks if the different services are running, and if one of them isn't, sends me an email. This could be done for all services and shouldn't be too difficult to do.

That's a good approach. What you want, as I learned while searching how to help you, is a heartbeat monitor.

Just make a cron job that runs your script and make a ping or get/post request to a monitoring service, here are some free options that I've found (some have "pricing" on URLs because they have free and paid versions but the free versions have heartbeat monitoring):

https://healthchecks.io/pricing/

https://cronitor.io/pricing

https://www.cloudns.net/monitoring/

https://heartbeat.sh/

Uptime Robot does have heartbeat monitoring but just on its paid plans (starting from $8.00/month).

39 minutes ago, allu62 said:

How urgent would you say that it really is to upgrade Hestia? I am well aware that I'll have to do it. But, I'm always hesitating with such "big steps" to make. What if update fails? Wouldn't that mean that the whole system wouldn't work anymore and had to be re-installed?

My personal policy is to always update everything as soon as available. My professional policy is to always keep everything updated with previously tested/validated software (to avoid "0-day" bugs). On both cases, I'd recommend you to update as fast as you can. HestiaCP is a opensource community developed so whenever there's an update being released you can be sure they're fixing real issues and not doing "cosmetic updates" to boast as being active updated. In your situation I don't think you'll have a problem updating it since there's a good time since they released the last updated version and I couldn't find any complains with problems/bugs/errors during the update process and it's unlikely that it would break your OS (but since it's a HestiaCP update it could break itself so you're right while thinking it could be necessary to reinstall it in the unlikely case something goes wrong).

50 minutes ago, allu62 said:

If I think of how many days I spent with the configuration before I got everything running, when I set up the VPS (of course, I've learned a lot meanwhile and it would take less time).

I'm not sure exactly what kind of configuration you did before, but on my point of view it wouldn't be that hard: reinstalling the OS (Krydos does that since we can't do that on our own yet), installing HestiaCP (it has an unattended installer so it would only need to run a script, which Krydos also does for users that request it), logging in to HestiaCP, create a user account for hosting your site and adding your domain to that user account and finally logging in to that account and restore your site's backup (and database's backup if your site has a database).

57 minutes ago, allu62 said:

I'm actually searching the web in order to find "the best way" to back up the VPS. The ideal would be to have some kind of global snapshot, with everyting = system, servers, home directory and databases, that you could simply playback (something like taking an image and restoring it on Windows 10)...

Unfortunately we don't have snapshots on HelioHost's VPS (and if I'm not mistaken it's a paid service everywhere else) but you could backup your site. Unless you made major changes to HestiaCP settings or on your OS (adding scripts, softwares etc.) doing a backup of them would be pointless. Maybe just making a backup of HestiaCP settings could have some use (since then you would'nt need to change its settings/add users etc. again) but I'm not sure what is and what isn't included on HestiaCP's backup feature.

24 minutes ago, infantex said:

For the mail servers:

Monitor type	IP (or URL or Host)	Port	Monitor interval	Monitor timeout
Port	infantex.com.mx	465	10 min	30 s
Port	infantex.com.mx	995	10 min	30 s
Port	zaldivar.mx	POP3 (110)	30 min	30 s
Port	zaldivar.mx	SMTP (25)	30 min	30 s

Both infantex.com.mx and zaldivar.mx are being CloudFlare but it doesn't support any of those ports:

https://developers.cloudflare.com/fundamentals/get-started/reference/network-ports/

Your options:

Change your Uptime Robot settings to check those ports with your server's IP address (IPv4 or IPv6, just one of them is enough), your server's hostname (in your case: tommy2.heliohost.org) or you could go to your CloudFlare DNS' settings and disable proxy (gray-cloud / DNS only) on their A and/or AAAA main entries (their name being your domain only).

17 minutes ago, infantex said:

OK, I will change the settings to monitor tommy2.heliohost.org's ports 465 and 995.

But, can I be sure that if Tommy's mail is up so are my domain's?

Absolutely yes since your mail is provided by Tommy. Using your domain is just a "shortcut" (alias) or a "vanity server" (aka using your domain instead of your actual mail hosting address).

12 minutes ago, infantex said:

Uptime Robot does report the occasional downtime. I'm seeing 98.6% uptime for infantex.com.mx for the last seven days. Last downtime was reported on 2023-01-24 at 23:15:16 (timezone?) and lasted for 28 min.

Since CloudFlare supports ports 80 (HTTP) and 443 (HTTPS) it'll work as long as you configure your Uptimet Robot monitor type as "HTTP(s)" (meaning it'll perform a HTTP(S) check instead of a port check).

About Uptime Robot's timezone, it's the one you configured on your account (check mine below for example):

For anyone interested, here's a zip file with Krydos' Flask example: https://kairion.helioho.st/flasktest.zip

Just download it and extract on httpdocs (Plesk's new account) or public_html (cPanel's transferred account), open flask.wsgi (which is inside the directory flasktest that'll be created when extracting the downloaded zip file) and find:

sys.path.append("/home/YOUR_DOMAIN_HERE/httpdocs/flasktest");

And change YOUR_DOMAIN_HERE with your actual domain, e.g.:

sys.path.append("/home/kairion.helioho.st/httpdocs/flasktest");

And then you can access your Flask example: https://kairion.helioho.st/flasktest/

On 1/20/2023 at 11:56 PM, krsmith28p said:

Hi Krydos. I am still working my way through dealing with my database, currently sqlite (and the differences in Python versions - 3.10 on my development machine, vs 3.7). Although the ability to run multiple apps is attractive, I would be interested in how you could run an app at web root, too, if you could explain? Thanks.

@krsmith28p Here's a zip file with Krydos' Flask example adapted to run on web root (httpdocs for Plesk's new account or public_html for cPanel's transferred account): https://kairion.helioho.st/flasktest_on_webroot.zip

Just extract it on your web root (as indicated above), remove all index files that it may have (index.html, index.htm, index.php etc.), open the file flask.wsgi and find:

sys.path.append("/home/YOUR_DOMAIN_HERE/httpdocs");

And change YOUR_DOMAIN_HERE with your actual domain, e.g.:

sys.path.append("/home/kairion.helioho.st/httpdocs");

It will work the same way as Krydos' original example. You can read these three files and check the differences between them and Krydos' originals. It's actually really easy: I just found all references for "flasktest" (the directory we make in the original example) and removed them (or changed them to a simple "/").

I'm not a Python/Django/Flask expert, but feel free to ask any questions and if I can help, I'll be glad to.

52 minutes ago, amalgd said:

I am trying to setup a Django project by adopting instructions as above. It is not working

https://mainstay.heliohost.org/mainstayerp

I see this in the log:

[core:alert] /home/mainstay.heliohost.org/public_html/mainstayerp/.htaccess: Options not allowed here

can you please help?

 

Edit your .htaccess file and remove this line:

Options +ExecCGI

Your .htaccess file now should look like this:

RewriteEngine On
RewriteBase /
RewriteRule ^(media/.*)$ - [L]
RewriteRule ^(admin_media/.*)$ - [L]
RewriteRule ^(djangotest/dispatch\.wsgi/.*)$ - [L]
RewriteRule ^(.*)$ djangotest/djangotest/dispatch.wsgi/$1 [QSA,PT,L]

If you'd like you can download this zip file: https://kairion.helioho.st/djangotest.zip

And extract it on your web root (httpdocs for Plesk's new account or public_html for cPanel's transfered account). It'll create all directories and files necessary to run this Django example. You just have to open the file /djangotest/djangotest/dispatch.wsgi and find this:

sys.path.append("/home/YOUR_DOMAIN_HERE/httpdocs/djangotest")

And change YOUR_DOMAIN_HERE with your actual domain, e.g.:

sys.path.append("/home/kairion.helioho.st/httpdocs/djangotest")

And then you can access your Django example: https://kairion.helioho.st/djangotest/

35 minutes ago, andreweb said:

@Kairion tried pressing "Ctrl F5" but no success, always same result.

Incognito / Private / Anonymous mode

I know this may sound strange, but I noticed that you're using Microsoft Edge.

I'm not sure why, but Chromium-based browsers (e.g. Google Chrome and Microsoft Edge), even when using incognito/private/anonymous mode, will still use cached versions instead of loading directly from the server if the user has previously accessed the site in normal mode.

Could you possibly try using a different browser that hasn't previously accessed crazyone.tk (with HTTP and HTTPS)?

If you are still unable to access your site, it may be necessary to ask for help from a technician to check your device.

If you want, we can set up a remote support session so I can take a look and help you with it.