wolstech

Your account has been unsuspended. Apologies for the inconvenience on this. It may take a little before your site's domain works again.

A backup of your account will be available shortly at https://heliohost.org/backup/ Instructions for unpacking it are here: https://wiki.helionet.org/Account_Backups#How_to_Extract_Your_Account_Data_from_the_Backup_File To be completely honest, I'm surprised this site is even suspended for financial services (this line of our TOS is meant to prohibit things like banking websites, offering loans, etc. Your site looks like it runs entirely on fake money and even has a disclaimer as such, though I was not the one who suspended it. Crypto sites that are properly designed using Web3 or similar technologies inherently do not have the same data security issues (and associated regulations) that regular financial services face (which is what that line aims to address, though that said the same sorts of risks and scams can apply such as transactions meant to drain a wallet, phishing sites, etc.). If anything, by looking at the code, I'd think the online gambling line of our TOS is more of an issue than financial services (due to the presence of play.html...online gambling with any form of real money or crypto is banned in CA where our servers are located, so we are forced to prohibit that). I'll let Krydos answer the question on what he wants removed since he suspended it.

The backup of the atlas folder and process.php have been uploaded and are in your home folder. I've also re-added the boomarenio.site domain for you that was on your old account. The domain may take up to 2 hours to function.

Correct. We aren’t certified and do not meet the industry-standard security requirements to host financial services, so they cannot be hosted on our servers at all, even if it’s available only to non-US customers.

I’ll upload the files we kept later this afternoon for you when I get to my PC. Once I do so, you’ll see them sitting in your home folder.

The domain won't resolve until we add it to your account. This is normal. As Moneybroz asked above, how do you want this domain configured?

Your account has been reset. When the reset process completes, you'll receive an email with a link to create a new account. Once you've created the new account, please let us know so I can upload the backup of the Atlas folder and the process.php file for you.

That folder only contains one file (process.php) which looks to be a script for sending prebuilt prompts to google gemini. I'll grab that for you as well. I can't back up the entire site because there is malware laying around in a lot of these folders, as well as the phishing site. For what it's worth, I did notice that there is also a Wordpress installation in boomarenio.site/wp/ that is infected. I suspect this is how the phisher got into your account, and is one of the major reasons we don't recommend using Wordpress...it's extremely prone to being hacked. Anything else before I reset the account for you?

I've backed up the contents of the atlas folder for you (looks like its mostly pictures for an ophthalmology guide of some kind). Once the account is reset, I'll upload this into your home folder for you. There is no file called prompt.php on your account that I can find (it's possible the hacker deleted it, there's several different webshells and PHP-based FTP scripts laying around in your account which I assume were uploaded by the hacker to make it easier for him to set up the phishing). Do you know where the prompt.php would have been?

The only option offered for phishing caused by an account being hacked is a full reset without a backup, which deletes all of the data and lets you start over. If there are a few specific files you know you need, we can see about grabbing those for you before resetting, but we cannot provide a backup of the entire website or account due to the presence of illegal/stolen information from the phishing site. Please let us know when you're ready to reset your account.

A fake government website was uploaded to your account at ~/boomarenio.site/Accelee/Accelee/govPt on February 11. The site shows a fake captcha that collects identifying info, then redirects to a fake login screen claiming to be autenticacao.gov.pt to steal login information, then stores the data and looks like it may send it to a telegram channel as well. If you didn't put this there, your account was hacked and the hacker did. Either way, because a phishing page and stolen information are present, the account cannot be recovered.

You've been resuspended for failing to make one of the changes above. Please let us know if you have any questions.

If it's a demo, that's fine, but it needs to either be: Clearly marked as a demo meant for testing/fake info (e.g. "FOR DEMONSTRATION ONLY - DO NOT ENTER ANY REAL INFO INTO THIS SITE") if the site is available to the public, OR you can password-protect it so it's only visible to those who are supposed to review the demo. (Note if you decide to use the password options in Plesk to secure it, they can up to take 2 hours to go into effect) Please make one of the changes above (either a clear notice on all pages, or add password protection so it isn't public) within 24 hours. Failure to do so will result in resuspension. Unsuspended. It may take a few minutes to let you log in again, and the domain can take up to 2 hours to start working.

It was suspended specifically because you set a job to run every 5 minutes to start your bot. This is not a recommended or supported way to do this. The bot itself was perfectly fine and caused basically no load...just start it once (manually) and let it run and do its thing. Stop and restart whenever you update the code. It is best practice to not run a script every few minutes to start it over and over, as doing so causes tons of load (using shell commands is load-heavy, so running them repeatedly just wastes your daily CPU allotment, this is one of a few reasons why exec is disabled for PHP via Apache). Please do not do this again. The recommended ways to start and stop a bot can be seen here (this article is for discord but the concepts apply to other Python-based bots as well): https://wiki.helionet.org/Discord_Bot#Starting_and_Stopping_Your_Bot I've deleted the scheduled task and unsuspended you. It may take a few minutes before you can log in again.

From our terms of service: Can you explain how your site complies with this condition? (If it's a demo, it needs to be clearly marked that it is a visual demonstration and does not actually accept money or provide any services).