wolstech

Forcing HTTPS will break automatic renewal unless you exclude the .well-known folder. Using htaccess is the most common method, just make sure here's an exception for that folder, as plain http must work for thst folder or certs will not renew. Also, forcing HTTPS will break all support for non-SNI capable browsers and OSes, as well as support for devices that do not support TLS 1.2 or newer. If you need to support these devices and browsers, your best (and only) solution is to not force SSL. Our own servers have an "insecure login" button on our site and support for plain HTTP logins for just this reason. Encryption doesn't work everywhere.

You need to move to a different server. Tommy is fastest, but difficult to get a free account on (it fills within seconds every day). Ricky has really good speeds at the moment since we just rebuilt him, and he's not too difficult to get a free account on at midnight UTC. Johnny is meant for testing, so we allow that server to be severely overloaded with new accounts. It's not meant to actually run a real website.

Did you install a third party cert at any point (e.g. let's encrypt)? If so, you have to delete that first. Also, make sure you're not forcing an SSL redirect in .htaccess, or that the .well-known folder is excluded from it. To get certs successfully, the .well-known folder on your domain must be reachable over plain HTTP.

You're suspended for having two accounts. Users are only allowed one account. From the looks of it, you created a tommy account while Ricky was down, then asked for the Ricky account back. Which one do you want to keep?

Krydos pointed out that this guy had another account as well...Metadata associated with the nighteen account finally gave us what we needed to prove it was being used to collect phishing results. That account is now banned as well. For the curious, the nighteen account contains this. The Chase phishing script used is one of the more common ones we see. It's a 4-screen phishing site that collects not just a username/password, but everything needed to steal someone's identity. This one sends the data via email, but I've also seen a version that stores the data in files data1.txt/data2.txt etc. instead. root@johnny [/home/nighteen/www]# ls -R.:cgi-bin Chase Chase.zip./cgi-bin:./Chase:a6e0f69e14fe51f73f84b0e04dd81ace home index.php rezlt.txt./Chase/a6e0f69e14fe51f73f84b0e04dd81ace:antibots.php bt.php css index.php verification-billing.php verification-email.phpblocker.php chase.png email.php res verification-card.php verification-finished.php./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/css:background.desktop.night.4.jpeg Capture.PNG chase-touch-icon-152x152.png logon.css opensans-semibold.woffbackground.mobile.night.4.jpeg chasefavicon.ico jquery-3.1.0.min.js opensans-regular.eotblue-ui.css chase-touch-icon-120x120.png jquery.maskedinput.js opensans-regular.woff./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/res:error_log post1.php post2.php post3.php post4.php./Chase/home:antibots.php bt.php css index.php verification-billing.php verification-email.phpblocker.php chase.png email.php res verification-card.php verification-finished.php./Chase/home/css:background.desktop.night.4.jpeg Capture.PNG chase-touch-icon-152x152.png logon.css opensans-semibold.woffbackground.mobile.night.4.jpeg chasefavicon.ico jquery-3.1.0.min.js opensans-regular.eotblue-ui.css chase-touch-icon-120x120.png jquery.maskedinput.js opensans-regular.woff./Chase/home/res:post1.php post2.php post3.php post4.phproot@johnny [/home/nighteen/www]#

Java is available by request only and has a limited number of slots available. You have to request Java and wait in line for access before you can run Java code. There is a button in cpanel to request access. Once you request it, it can take time to be enabled, though with current demand, the wait right now is only about 24 hours.

The only files on this account are a chase bank phishing site in public_html... If you didn't put that there, someone got into your account and did so. Either way, the uploading of any phishing content to an account, regardless of the reason, results in a permanent ban.

I just manually forced it for you to speed it up. It was scheduled to check at 5:37PM, so if I hadn't, you would've gotten it in another 12 hours. Now that I did that, you'll probably get it within 2 hours or so.

It can take up to 24 hours for it to get a certificate. Also, make sure you do not have a forced SSL redirect on your domain (or that the .well-known folder has an exception). That folder must be accessible over plain HTTP or it will fail.

Sent. Please keep in mind you'll need to pick a different username.

Your account is still active...I'll make it easy and just suspend the old one and send a replacement.

There is no need to do anything special to use new functionality. Just use it as you always have. Also, there's no way to "reset" an account. You have to back all your data up and delete your account entirely, then we send you an invite to create a new one. If you want to do that, delete your account and let us know so we can resend the invite.

@Flaze: He means the forum account. Gone.

It looks like you are trying to restore a backup for the user “admsc”. The user “admsc” already exists on this system. That can't be unarchived because it's already active.

Unarchived.

Unarchived.

Indeed inactivity. Unsuspended. Give it a few minutes and it'll be up again. Lily accounts go inactive when the cPanel account they're associated with goes inactive. Also, a Lily account that's inactive can be renewed just like a regular account by entering the Lily username at https://heliohost.org/renew/ They do take a few minutes longer than a cPanel account to start working again though.

Unarchived.

Unarchived.

Unarchived.

Unarchived.

My response yesterday morning was poorly timed, even I didn’t know that K was planning to finish the server yesterday until the announcement. I’ll get this unarchived for you later tonight when I’m at a computer if someone else doesn’t do it sooner.

Unarchived.

Unarchived.

That account is already active.