Of course, I'm only commenting on my experience and my personal use on Tommy:
- I wasn't using RoundCube. I only use ThunderBird on my main PC.
- It might be a placebo effect after these days of pain, but I feel like response times are better than before this DDoS issue.

As far as I'm concerned, no further help is needed.
Thanks again!

Today a quick check shows that the situation has greatly improved: no 503 errors and normal response time.

Thanks staff, you guys are great !

Today I found around 80% downtime on Tommy, mainly 503 errors.

Checked the logs :

1 - many 

mod_fcgid: can't apply process slot for /var/www/cgi-bin/cgi_wrapper/cgi_wrapper

errors.

2 - Yesterday, got 898 requests from 92.62.121.xxx within a few hour : Wordpress illegal access attempts from Cyberzonehub.

3 - Previously I checked many illegal/abuse access from other server, mainly from :

- VPN server

- Datacamp

- AmazonWebService

- Chinese servers

- etc

Added more than 250 CIDR to .htaccess file to block them.

Still got many intermittent 503 errors too, appeared one month ago or so.

I tested with php script :

<?php
$json = json_decode(file_get_contents("_config.json"));
var_dump($json);
?>

...this gives same result as full script (mySql / ajax).

This seems not specific to code or account.

Hi !

I noticed numerous 502 - 503 - 504 errors on Tommy since several days.

Any idea ?

All issues fixed.

Any chance non-linux/nginx  guru like me could receive early notifications on such issues and how/who fix it / part of it ?

Best regards ;-)

Dashboard is working ok - except for the phpMyAdmin part. :-(

Site access gives either

- 500 error

- no MySQL

- no SSL

I read previously that Tommy had some issues today, but apparently it's still ongoing.

Agree, Tommy looks a little bit tired today !

- no SSL

- no MySQL

Dashboard working - except for the phpMyAdmin part. :-(

Thanks but no need for a quota raise, I've sorted the issue.

Actually my site sends emails only for user's registration &  when they forget their password. So that's no more than 10/day.

The quota limit raise was only required when trying to sort the problem of mails ending into spam boxes and therefore having to use phpmailer more than usual for testing purposes.

My site does not use any cms, I've coded all php/mysql/javascript by myself.  You may ask more info if you need to.

Thanks again for the help.

So, things are ok now for both html and text body when using

$smtp->Encoding      = "quoted-printable";

The issue remains with outlook.com event when sending plain text (utf-8) mails, they all go to the spam box.

According to github.com there is nothing I can do : https://github.com/PHPMailer/PHPMailer/issues/1412

The more important is that it is ok with gmail.com and yahoo.com for html body mails.

Hope this helps.

Thanks Team for your support !

Thanks !

It also looks like   

$smtp->Encoding      = "base64"; 

in my code is wrong as "base64-encoded HTML bodies make you look like a spammer" (from stackoverflow.com)

So I changed it to 

$smtp->Encoding      = "quoted-printable";

Now the problem is I cannot test this due to the "SMTP quota exceded" error !

Is it possible to have a temporary quota limit above 10/hour ?

I flushed the cache and site is ok now.

No more rDNS issue with mail-tester but now ALL mails go inside spam boxes - tested on yahoo.com / outlook.com / free.fr /gmail.com. :-(

gmail worked ok before !

https://www.mail-tester.com/test-hs73gnpd4

Thanks, but now I got the Plesk def page instead of the site !

Additionally the back-office pages are no more https.

Web Server's Default Page

This page is generated by Plesk, the leading hosting automation software.
You see this page because there is no Web site at this address.

Hi !

I recently moved the registration mail function on my site to plesk using phpmailer and everything is going well, but... all sent mails go into receiver's spam folder, except for the gmail addresses.

I checked with mail-tester.com, it gives 10/10 but says that :

Your IP address 65.19.154.93 is associated with the domain name 3(NXDOMAIN).
However your message seems to be sent from tommy2.heliohost.org.

You should change the DNS pointer record (Type PTR) and the host name of your server to the same value

Here are the tested values for this check:

• IP: 65.19.154.93
• HELO: tommy2.heliohost.org
• rDNS: 3(NXDOMAIN)

This looks to me like Chinese stuff and is way beyond my skills !

I'm using two mail addresses (don't know if that matters) : 

• admin@tdm-yamaha.heliohost.org
• no_reply@tdm-yamaha.heliohost.org

Thanks for your help, I always appreciate the support found here.

At 01:57 UTC it works ok again.

Same here, no SSL since several hours today (Tommy server).

I did not do anything on Plesk panel relative to SSL, the Let' Encrypt certificate is still valid - more than one month before renew.

It worked ok until today, I'm no SSL guru so when it works I don't touch it.

SSL/TLS certificate panel on Plesk says no problem - all green lights.

All browsers  display the same warning message - as above : Firefox / Chrome / Brave.

All caches are cleared with no result.

TIA - cheers

All clear !

Thanks a lot to the team, you guys are great.

Hi !

While making ftp transfert I found Tommy went down about one hour ago.

Then checked http & login :

- no ftp

- no http

- no login to Tommy

Cheers

Hi !

got 500 error on any php script, including "Hello world" simple script, since Thu Mar 14 04:21:10

Error_log :

[Thu Mar 14 04:21:10.041187 2024] [core:error] [pid 30672:tid 140669255358208] [client 17.241.75.154:40454] End of script output before headers: index.php
 

No error on pure html files.

So...

• Went on the Plesk panel, then the SSL/TLS Certificate page.
• Removed two Zero SSL certificates that looked suspicious (I find a lot of suspicious things when I frown).
• Clicked the Reissue Certificate button, then 
• Clicked the Install a free basic certificate provided by Let's Encrypt / Install button at bottom of page.

Hi !

No more https on my site since around 10am UTC today.

Plesk panel says ssl is ok.

Chrome says certificate expired since 2022-07-28 !

Firefox says :

www.tdm-yamaha.heliohost.org uses an invalid security certificate.
 The certificate is not trusted because it is self-signed.
 Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT

So...what's wrong ? Heat weave ?

Not an ssl guru so I'm a little bit lost.

Thanks for help.

Seems ok now !

?

Hi !

Got the 302 Bad Gateway error / nginx.

From the log : 

Started @ 2023-02-10 01:27:08 UTC

It looks like it's down again ! 

No idea if it's related but I had some issues with this ip : 91.240.118.188

Location is Moscow, Russia.

It did something like 1200 fake requests/hour.

Eventualy  put it in htaccess.

Cheers !

On 10/7/2022 at 10:42 AM, Krydos said:

Both options work.

You sure ?

I received on 2022-09-14 a mail  which said I did not log-in since 2021-06-26 although I logged-in at least two times a week with https://tommy2.heliohost.org during the last months, including a few days before 2022-09-14.

I eventually received a renew mail after my account was suspended on 2022-09-16.

Renew was successful after log-in with https://heliohost.org/renew.

Best regards.