wolstech

That path isn’t valid. All document roots and folders MUST be inside public_html, and to access it with that path, you’d also need to make it a subdomain.

Domain on account harshsha has bene changed to viralbag.heliohost.us

What do you want your domain to be?

Krydos has to handle VPS issues.

This account was automatically suspended because it is substantially similar to several others that were recently used for phishing activity. Can you explain?

Unarchived.

Unarchiving...

Your account should now be functional again. Our apologies for the inconvenience. Since this shouldn't have happened, I've also pushed your last login date out until the end of the month. Please make sure you log in again before June 30 to avoid suspension.

Well that's odd. It's active in one system and suspended in another. We'll get this fixed for you shortly. The system does normally notify you of inactivity by email before you get suspended for it, but since the account management system didn't actually mark you inactive (and in fact the login date is current on your account, so you shouldn't be inactive), it never sent the email.

Unblocked. It may take up to 15 minutes. The reason given was DOS 55 Connections, which is due to opening too many connections at once. More often than not, this isn't anything you did but rather our firewall being overly sensitive due to an ongoing DOS attack.

Krydos has to set this up manually for you.

This account cannot be unarchived because you already have another active account. Users are only allowed one account. If you want this one unarchived, please delete bashar20 first.

Unarchived.

I've never heard of a meta tag for HTTPS, so not sure what if anything that would actually do. This in theory can be made to work even on old devices, but it's not free ($12/yr for a dedicated IP which would eliminate the SNI issue) and also would need Krydos to enable some outdated TLS protocols (1.0 and 1.1) for your domains if he's able to do so (protocols newer than 1.1 this are not supported on Windows XP). Is support for dead technology really that important for your site? The only reason I've ever needed to make this sort of thing work was for an API. Old code on old OS needed to talk to Tommy, and I ended up removing the TLS entirely since it was a quick fix. I'm finally down to exactly one device left (from about 80 last year) still leaning on that code and API, so I personally could care less about legacy support on my own apps at this point. Personally, I'd leave that stuff in the dust unless you have good reason to support it, and just put a redirect with a .well-known folder exception.

Krydos can do this for you.

Tags suggest its for PHP 7.3. Krydos has to do this for you. Escalating.

Forcing HTTPS will break automatic renewal unless you exclude the .well-known folder. Using htaccess is the most common method, just make sure here's an exception for that folder, as plain http must work for thst folder or certs will not renew. Also, forcing HTTPS will break all support for non-SNI capable browsers and OSes, as well as support for devices that do not support TLS 1.2 or newer. If you need to support these devices and browsers, your best (and only) solution is to not force SSL. Our own servers have an "insecure login" button on our site and support for plain HTTP logins for just this reason. Encryption doesn't work everywhere.

You need to move to a different server. Tommy is fastest, but difficult to get a free account on (it fills within seconds every day). Ricky has really good speeds at the moment since we just rebuilt him, and he's not too difficult to get a free account on at midnight UTC. Johnny is meant for testing, so we allow that server to be severely overloaded with new accounts. It's not meant to actually run a real website.

Did you install a third party cert at any point (e.g. let's encrypt)? If so, you have to delete that first. Also, make sure you're not forcing an SSL redirect in .htaccess, or that the .well-known folder is excluded from it. To get certs successfully, the .well-known folder on your domain must be reachable over plain HTTP.

You're suspended for having two accounts. Users are only allowed one account. From the looks of it, you created a tommy account while Ricky was down, then asked for the Ricky account back. Which one do you want to keep?

Krydos pointed out that this guy had another account as well...Metadata associated with the nighteen account finally gave us what we needed to prove it was being used to collect phishing results. That account is now banned as well. For the curious, the nighteen account contains this. The Chase phishing script used is one of the more common ones we see. It's a 4-screen phishing site that collects not just a username/password, but everything needed to steal someone's identity. This one sends the data via email, but I've also seen a version that stores the data in files data1.txt/data2.txt etc. instead. root@johnny [/home/nighteen/www]# ls -R.:cgi-bin Chase Chase.zip./cgi-bin:./Chase:a6e0f69e14fe51f73f84b0e04dd81ace home index.php rezlt.txt./Chase/a6e0f69e14fe51f73f84b0e04dd81ace:antibots.php bt.php css index.php verification-billing.php verification-email.phpblocker.php chase.png email.php res verification-card.php verification-finished.php./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/css:background.desktop.night.4.jpeg Capture.PNG chase-touch-icon-152x152.png logon.css opensans-semibold.woffbackground.mobile.night.4.jpeg chasefavicon.ico jquery-3.1.0.min.js opensans-regular.eotblue-ui.css chase-touch-icon-120x120.png jquery.maskedinput.js opensans-regular.woff./Chase/a6e0f69e14fe51f73f84b0e04dd81ace/res:error_log post1.php post2.php post3.php post4.php./Chase/home:antibots.php bt.php css index.php verification-billing.php verification-email.phpblocker.php chase.png email.php res verification-card.php verification-finished.php./Chase/home/css:background.desktop.night.4.jpeg Capture.PNG chase-touch-icon-152x152.png logon.css opensans-semibold.woffbackground.mobile.night.4.jpeg chasefavicon.ico jquery-3.1.0.min.js opensans-regular.eotblue-ui.css chase-touch-icon-120x120.png jquery.maskedinput.js opensans-regular.woff./Chase/home/res:post1.php post2.php post3.php post4.phproot@johnny [/home/nighteen/www]#

Java is available by request only and has a limited number of slots available. You have to request Java and wait in line for access before you can run Java code. There is a button in cpanel to request access. Once you request it, it can take time to be enabled, though with current demand, the wait right now is only about 24 hours.

The only files on this account are a chase bank phishing site in public_html... If you didn't put that there, someone got into your account and did so. Either way, the uploading of any phishing content to an account, regardless of the reason, results in a permanent ban.

I just manually forced it for you to speed it up. It was scheduled to check at 5:37PM, so if I hadn't, you would've gotten it in another 12 hours. Now that I did that, you'll probably get it within 2 hours or so.

It can take up to 24 hours for it to get a certificate. Also, make sure you do not have a forced SSL redirect on your domain (or that the .well-known folder has an exception). That folder must be accessible over plain HTTP or it will fail.