wolstech

It was for inactivity. I've renewed it for you.

That domain is already added and seems to be working fine. I see an html tutorial page. Is there something wrong with it?

He got banned for Phishing. Posting this just earned him a forum ban too. What I don't know, is why he was banned for phishing to begin with. I didn't ban him, and I can't find any true phishing on his account. EDIT: Just realized I was looking in the wrong account. His username here belongs to someone else on Ricky...re-researching the correct account (fladnag). EDIT 2: I still can't figure out why this is banned. I see a copy of Open Web Analytics, and that's about it. On the bright side, his copyright claims are nonsense. Perhaps Krydos knows. I am going to leave his forum account unbanned, since I still have no idea why this account is even marked as Phishing to begin with. I can't find any form of malware or phishing site on it, there's nothing in the mail folders, and no abuse report. I suspect it may be the filenames used by his software...

Correct, we don't allow it unless you explicitly request it. Since the required info is in the connection string, I'll let Krydos look at this to set it up.

The contents of an account banned for phishing cannot be recovered due to containing stolen information. Similarly, it cannot be deleted as it may be needed as evidence for law enforcement. Also, copyright law does not require we return your data. It only requires we not distribute it without permission. In addition, our Terms of Service (available here: https://wiki.helionet.org/Terms) makes it explicitly clear that: Users are responsible for backups.That HelioHost is not responsible for lost data.That HelioHost may not be used for illegal activity, which includes Phishing.

Use https://tommy.heliohost.org:2083/ (with nothing after the / ). I'll fix the archive message in a moment. I forgot that transferring an archived account won't automatically fix login dates and account state...

I feel like this would cause a bunch of load...I'm assuming you're looking at this: http://php.net/manual/en/class.thread.php Lets see what Krydos says.

This account has a compromised CMS installation that has been affected by the recent AnonymousFox hack and cannot be unsuspended. An invitation will be sent to you shortly so you can create a new account. Please restore your data using a backup. The data from your old account cannot be recovered or returned to you due to the possibility of the account having been used for Phishing. As a reminder, when selecting a CMS, we highly recommend that users not use WordPress. WP and it's extensions are notorious for having security issues such as the one you (and everyone else on Tommy) experienced, and it has the worst security track record of any CMS out there. Using a different program will help prevent this from happening again.

@Byron: It's also AnonymousFox'd...I just banned it. @torels2: An invite for a new account will be sent shortly.

They can't use our install of PMA. If this is desired, you would need to install PhpMyAdmin on your own account and access it via your domain, or enable remote access and advise users to use a tool like MySQL Workbench to administer their database.

That account has been moved to Tommy. The username is space4u2, and you may need to reset the password if you're not able to log in.

Moving...

We never notify prior to suspension except for inactivity. This is intentional, because a large number of our suspensions are for criminal activity (usually phishing), and notifying before suspension would let them retrieve their stolen data. I agree that an email AFTER a suspension might be a good idea, I'll float that in the moderator boards. Wordpress is notorious for causing high load suspensions here. We often recommend not using it due to its well known security issues, but load is another great reason to avoid it. Also, you're correct in that CF does cache the dynamic pages, but it still queries our server to see if new ones are available every so often. Accessing a php page triggers the script to run, even in cases where the body of the page isn't needed (e.g. HEAD request), which lets to the load being generated. I've used CF myself for a few sites, and have personally observed it accessing our server when I refresh, even with "cache everything".

We don't make browsers do that, they just do. Cloudflare makes it even worse since it can cache it too and keep serving it after the site is unsuspended. We have all the "don't cache this" headers there are set on it, yet a lot of browsers still cache it anyway thinking they are being helpful. Whatever you're running is just too heavy. Cloudflare won't fix heavy scripts either since dynamic content can't be cached. CF really only helps with the static components of your website (graphics, style sheets, etc.)

Failed SMTP logins...that makes sense if you incorrectly configured Outlook. Unblocked.

That domain cannot be changed due to a server error. The domain does seem to work already though and is showing as changed in one of the two systems. API failure: Failed to find the domain(s): “robotok.idunetwork.eu.org”. at /usr/local/cpanel/Cpanel/PHP/Config.pm line 255. Cpanel::PHP::Config::_get_php_config_for_domains(0, ARRAY(0x5a1a8a8)) called at /usr/local/cpanel/Cpanel/PHP/Config.pm line 275 Cpanel::PHP::Config::get_php_config_for_domains(ARRAY(0x5a1a8a8)) called at /usr/local/cpanel/Cpanel/PHPFPM.pm line 884 Cpanel::PHPFPM::remove_primary_domain_fpm_conf("robotok.idunetwork.eu.org") called at /usr/local/cpanel/Whostmgr/Accounts/Modify.pm line 246 Whostmgr::Accounts::Modify::modify("_PACKAGE_EXTENSIONS", "", "domain", "idunetwork.eu.org", "newuser", "mralicar", "rename_database_objects", 1, ...) called at /usr/local/cpanel/Whostmgr/API/1/Accounts.pm line 405 Whostmgr::API::1::Accounts::modifyacct(HASH(0x255b170), HASH(0x50d43f8), HASH(0x52948f8)) called at whostmgr/bin/xml-api.pl line 3138 whostmgr::bin::xml_api::__ANON__(HASH(0x50d43f8), HASH(0x255b170), HASH(0x52948f8), CODE(0x4d2f950)) called at /usr/local/cpanel/Whostmgr/API/1/Data/Wrapper.pm line 218 Whostmgr::API::1::Data::Wrapper::__ANON__() called at /usr/local/cpanel/3rdparty/perl/524/lib64/perl5/cpanel_lib/Try/Tiny.pm line 98 eval {...} called at /usr/local/cpanel/3rdparty/perl/524/lib64/perl5/cpanel_lib/Try/Tiny.pm line 89 Try::Tiny::try(CODE(0x4c803a8), Try::Tiny::Catch=REF(0x59f5a90)) called at /usr/local/cpanel/Whostmgr/API/1/Data/Wrapper.pm line 237 Whostmgr::API::1::Data::Wrapper::execute_internal(CODE(0x4e63bc8), HASH(0x255b170), HASH(0x52948f8), HASH(0x4db2a78), CODE(0x4d2f950)) called at whostmgr/bin/xml-api.pl line 3296 whostmgr::bin::xml_api::runapp("modifyacct", HASH(0x52948f8), HASH(0x255b170), 0, CODE(0x4d2f950)) called at whostmgr/bin/xml-api.pl line 3071 whostmgr::bin::xml_api::script(CODE(0x4d2f950), "-json", "./modifyacct") called at whostmgr/bin/xml-api.pl line 3024 Lets see what Krydos says.

POP3 settings should be: Host: <servername>.heliohost.org (where servername is ricky or tommy)Port: 110Username: Your full email addressPassword: Email account's passwordWe usually recommend using a forwarder in cPanel on our end though, vs. setting gmail to pull the mail in. The mail will get delivered faster. As for Ioncube, it's intentionally disabled due to a history of abuse (copyright infringement and botnets) and cannot be enabled. Ironically, WHMCS was the worst offender since it's paid software and nearly everyone on our service would install a crack for it.

You already have an archived Johnny account. Do you want me to move that to Tommy and restore it instead?

Easiest way is to change the extension to .txt instead so its displayed as a text file.

The WordPress install is full of malware, so it cannot be recovered. The themes folder and uploads folders look clean though, so you can have those back. The remainder of the files in the tomyself folder have been discarded. I also left a zip file called tomyself.zip that appears to be a backup from December 2017 in there for you as well. I also deleted the index.php from the root of your public_html, the htaccess file, a php.ini file, and two folders called index and config that were both full of malware. A zip file and a database dump have been placed in your home folder.

I can export the DB and leave it in your new accounts home folder for you. Be aware that the users table will be truncated before it is exported due to malicious user accounts being added by the malware. What's the new account's username?

This account has a compromised CMS installation that has been affected by the recent AnonymousFox hack and cannot be unsuspended. An invitation will be sent to you shortly so you can create a new account. Please restore your data using a backup. The data from your old account cannot be recovered or returned to you due to the possibility of the account having been used for Phishing. As a reminder, when selecting a CMS, we highly recommend that users not use WordPress. WP and it's extensions are notorious for having security issues such as the one you (and everyone else on Tommy) experienced, and it has the worst security track record of any CMS out there. Using a different program will help prevent this from happening again.

Whoever said high load didn't check this thoroughly. That account is actually full of malware due to hacked Wordpress. I've sent an invite for a new account. Please see below for details.

They actually just hiked them in September 2017. They apparently don't want to deal with people contributing < $5/month, so they changed their fee structure to penalize users who pledge less than $5/month (these tiny donors now get to pay even more in fees...). I suppose it wouldn't be bad for larger donors, but I'm not aware of any recurring larger ($5+) donors beyond maybe 1 or 2 users. Would the aggravation of setting this up be worth it for these people?

It was for inactivity. Be sure you're signing in at least once every 30 days using https://heliohost.org/login/ or https://tommy.heliohost.org:2083/ (with nothing after the / ) so your logins count. Unsuspended.