wolstech

It's a fake system folder used to emulate Windows XP-era AppData...odds are the reason you're seeing this is because either your Mono version is too old to run on modern Windows, or more likely it has a bug that wasn't fixed because nobody ever bothered testing it on newer Windows (you're the first person I've ever met that wanted to run this on Windows...) You can find the hidden folder by going into Folder Options->View->uncheck "Hide Protected Operating System Files"->Yes. Be aware that messing with this folder may break support for older software.

As soon as Krydos looks at it. The report suggests your email address contact got compromised, but I want to make sure he doesn't see anything I missed while looking through it. Left unfixed, sending spam can cause the entire server to end up blacklisted.

This time around it went inactive...make sure you use https://heliohost.org/login/ or https://tommy.heliohost.org:2083/ (with nothing after the slash) so your logins count. FTP, mail, and similar do not count. Unsuspended.

We don't support A records for any domain that's not your main domain, so you won't be able to use that here unless you make it your main domain (which will delete your heliohost.org subdomain). Please be advised that if you decide to make it your main domain, mail, cPanel's DNS functions, CloudFlare, and several other functions won't work properly without using our name servers. We also won't provide any form of support for an account used in this manner since we cannot troubleshoot or make any guarantees as to what will and will not work Last time I heard, those domains supported custom DNS servers though. Usually you won't create NS records, but rather find an option buried somewhere else that's labeled "Custom DNS Server", or "Use my own name server" or similar.

Lets have Krydos turn this on for you.

That looks like Mono itself is broken. Are you running Mono as your own user, and does the folder shown in that Access Denied error in the cmd window exist? If not, create it. If it does, verify you can open it.

If you delete your account, it should free itself. It may take a few hours to fully delete though.

More than likely you either have a weak password or an infected website. I'll let Krydos take a deeper look before we unsuspend it.

Have you tried manually starting Mono on port 2000, leaving it running in the background, verifying you can reach 127.0.0.1:2000, then restarting Apache while Mono is already running and testing through Apache?

Did you enable remote access for your IP address in cPanel?

MonoListenPort 80 I think this needs to be changed to 2000. The error log shows Apache trying to connect to Mono on port 2000, but these settings imply Mono would start on port 80 (and fail since 80 is occupied by Apache).

Do you have Mono itself installed, and does it work if used outside of Apache? That error is saying it can't start Mono to run the script.

Your account is suspended for sending spam. Can you explain the below report we received? We have received a complaint about your account. Please investigate and fix within 24 hours. Hurricane Electric Abuse Department support@he.net From fbl@bounce.mailstream.senderscore.net Thu Jan 10 10:10:45 2019 Return-Path: <fbl@bounce.mailstream.senderscore.net> X-Original-To: report@abuse.he.net Delivered-To: report@abuse.he.net Received: from he.net (he.net [216.218.186.2]) by abuse.he.net (Postfix) with ESMTPS id 8E0B65410F1 for <report@abuse.he.net>; Thu, 10 Jan 2019 10:10:45 -0800 (PST) Authentication-Results: he.net; dkim=pass (no signature error) header.i=@senderscore.net header.s=081107 header.b=X9deLWvx Received: from mrd.us-east-1a.returnpath.net ([54.84.12.226]) by he.net with ESMTPS (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) for <abuse@he.net>; Thu, 10 Jan 2019 10:11:41 -0800 Received: (Haraka outbound); Thu, 10 Jan 2019 18:10:41 +0000 Received: from localhost (ip-10-252-29-47.ec2.internal [10.252.29.47]) by mrd.us-east-1a.returnpath.net (Haraka/2.8.21) with ESMTP id 03AF4440-29DC-4C1F-B83D-B63F9C90A69C.1 envelope-from <fbl@bounce.mailstream.senderscore.net>; Thu, 10 Jan 2019 18:10:41 +0000 Date: Thu, 10 Jan 2019 18:10:41 +0000 Mime-Version: 1.0 X-Rp-Fbl: type=arf; Content-Type: multipart/report; report-type=feedback-report; boundary=92e68563116c525d60ff34db528f537fcbde50422e0c0466c67edf65b017 Message-Id: <01D0WFB1GV4S6YNY5QJPWMN7JJ.fbl@bounce.mailstream.senderscore.net> To: abuse@he.net Subject: La Poste Abuse Report From: La Poste FBL Service <feedbackloop@laposte.senderscore.net> DKIM-Signature: v=1;a=rsa-sha256;bh=7XZzWLAdwNP4lnmWzh6LQ3L2eLWcWjk8GQs9DrXccc4=;c=relaxed/simple;d=senderscore.net;h=from:to:subject;s=081107;b=X9deLWvxlxpL4tau8lHBDHNUdrEEKp38rozoobb8qpBOMhtzoo6brDxZRkIwQ5+YWd6Ueip41642ZH4JZ56T2snpPd4cfcT9JkNNGWfAiG39QvtSpehFpK2Z8n6avUHaLWO2mbiSd/TrcgUqLrXQa6kbcdd9WA7/9J6NpwuUJi8= --92e68563116c525d60ff34db528f537fcbde50422e0c0466c67edf65b017 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable This is a La Poste Abuse Report for an email message received from domain j= urisconsult.mg, IP 65.19.143.6, on Thu, 10 Jan 2019 04:15:13 +0000. --92e68563116c525d60ff34db528f537fcbde50422e0c0466c67edf65b017 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: message/feedback-report Feedback-Type: abuse User-Agent: ReturnPathFBL/2.0 Version: 1 Original-Rcpt-To: c48a97fc7fcc7f7aa8eff5c4dea84b91@laposte.net Abuse-Type: complaint Subscription-Link: https://fbl.returnpath.net/manage/subscriptions/63187 Arrival-Date: Thu, 10 Jan 2019 04:15:13 +0000 Original-Mail-From: contact@jurisconsult.mg Reported-Domain: jurisconsult.mg Source-Ip: 65.19.143.6 Source: La Poste --92e68563116c525d60ff34db528f537fcbde50422e0c0466c67edf65b017 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: message/rfc822 Received: from PIPE (localhost [127.0.0.1]) by lpn-prd-vrfbf01.prosodie (Postfix) with SMTP id B1AE739D0F670 for <lapostespam@mailtroc.com>; Thu, 10 Jan 2019 19:10:35 +0100 (CET) Received: from lpn-prd-vrin016.laposte (LHLO lpn-prd-vrin016) (10.128.63.17) by lpn-prd-mstr069 with LMTP; Thu, 10 Jan 2019 05:15:41 +0100 (CET) Received: from lpn-prd-vrin016 (localhost [127.0.0.1]) by lpn-prd-vrin016 (Postfix) with ESMTP id 545CE280012 for <c48a97fc7fcc7f7aa8eff5c4dea84b91@laposte.net>; Thu, 10 Jan 2019 05:15:41 +0100 (CET) Received: from tommy.heliohost.org (tommy.heliohost.org [65.19.143.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lpn-prd-vrin016 (Postfix) with ESMTPS id B2B2A280047 for <c48a97fc7fcc7f7aa8eff5c4dea84b91@laposte.net>; Thu, 10 Jan 2019 05:15:40 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=jurisconsult.mg; s=default; h=Content-Type:Content-Transfer-Encoding:Date: Message-ID:Subject:Cc:To:From:Sender:Reply-To:MIME-Version:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=79Lg4ePRKK2ZbDDMJiZbS5Vg+P8j4lpqzyYXlZe/trA=; b=UT0jlknLpRFL7T18+wiBf/LClw FcUe8akBCWelDrVyRE3CyyL0KqtzXRdfPU6zkcCplHnX7yXw1ARPkXlZ7INNdJ3/yQAcSqjqYgHAS 7gYaQVxV7NGm9cM1ZUrzOqazxo4K3vfFVUr8/MkalMR6sDSXTmGUsytYP64RnBlKC93KrVKknEGSH SLs7GWP7KyhDiQVy9DcTJT0u3rckDU8ESmiHnkrGjA8CkeG6fl+CT+DO5jq2gngBZS5GcnNsZlgg6 0vLfztF0tN0x21OcBW5ubXBNWmtSmjYpTVm00cUvMMlP9dVMrHk/IynoC+DGjxWEBwHVRVLdW4Dee +vKInyMA==; Received: from [45.224.162.101] (port=59315 helo=[127.0.0.1]) by tommy.heliohost.org with esmtpsa (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.89) (envelope-from <contact@jurisconsult.mg>) id 1ghRkM-0004KU-Vi; Thu, 10 Jan 2019 04:15:11 +0000 From: "CANAD.. PHARMACY" <contact@jurisconsult.mg> To: c48a97fc7fcc7f7aa8eff5c4dea84b91@laposte.net Cc: c5d09657a59c4588afe1f1f28d7f3b65@sbcglobal.net, 87213eedd875dcbb5d1fc38df8352b5a@gmail.com, 90c126ea6cc754d7935bbf3fe8ade5b1@freenet.de, 51e8e105a19d86a084569a8f6d6d3d94@hotmail.com, a9704a8171e639e29ffefb2e46b5b25c@sbcglobal.net, b9ede8f8b854b939ec53da68ff432fcd@web.de Subject: PHARMACY WEBSITE - mending masculine ability Message-ID: <FA22A3BA.817FB96E2A08A6BF@jurisconsult.mg> X-Priority: 3 Importance: Normal Date: Thu, 10 Jan 2019 05:15:13 +0100 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 X-Mailer: Infraware POLARIS Mobile Mailer v2.5 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - tommy.heliohost.org X-AntiAbuse: Original Domain - laposte.net X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - jurisconsult.mg X-Get-Message-Sender-Via: tommy.heliohost.org: authenticated_id: contact@jurisconsult.mg X-Authenticated-Sender: tommy.heliohost.org: contact@jurisconsult.mg X-Source: X-Source-Args: X-Source-Dir: Lpn-Authentication-Results: helo=tommy.heliohost.org; spf=pass smtp.mailfrom=contact@jurisconsult.mg; dkim=pass dmarc=none; X-VR-FullState: 0 X-VR-Score: 0 X-VR-Cause-1: gggruggvucftvghtrhhoucdtuddrgedtledrfedvgdeikecutefuodetggdotefrodftvfcurfhrohhf X-VR-Cause-2: ihhlvgemucfntefrqffuvffgpdggtfgfnhhsuhgsshgtrhhisggvnecuuegrihhlohhuthemucehtddt X-VR-Cause-3: necunecujfgurhephffvuffkrfgkfffgtgfosehtqhfgtdertdejnecuhfhrohhmpedfveetpfetffdr X-VR-Cause-4: rdcurffjteftofetvegjfdcuoegtohhnthgrtghtsehjuhhrihhstghonhhsuhhlthdrmhhgqeenucff X-VR-Cause-5: ohhmrghinhepmhhuihhnvghgohdrtghomhdpjhhurhhishgtohhnshhulhhtrdhmghenucfkphepieeh X-VR-Cause-6: rdduledrudegfedriedpgeehrddvvdegrdduiedvrddutddunecurfgrrhgrmhepmhhouggvpehsmhht X-VR-Cause-7: phdpihhnvghtpeeihedrudelrddugeefrdeipdhhvghlohepthhomhhmhidrhhgvlhhiohhhohhsthdr X-VR-Cause-8: ohhrghdpmhgrihhlfhhrohhmpegtohhnthgrtghtsehjuhhrihhstghonhhsuhhlthdrmhhgpdhrtghp X-VR-Cause-9: thhtohephihurdgsrghosehlrghpohhsthgvrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd X-VR-AvState: No X-VR-State: 0 Around 50% of males over forty have issues with their sexual life.=20 One of the most spread reasons of poor sexual health is Erectile Dysfu= nction. This can hit you badly, but don't worry we have something good= for you. hxxp://www.muinego.com/wp-admin/network/J_compel_landman.html --92e68563116c525d60ff34db528f537fcbde50422e0c0466c67edf65b017--

The Apache Mono plug-in is not available for Windows to my knowledge. It might be possible to build it for Windows using the source since Apache and Mono are both open source, but that's beyond my capability. There's no good reason to use Mono on Windows anyway... it's entire purpose is to simulate asp.net. You have access to real asp.net on Windows, so the entire endeavor is pointless... I'd suggest you install IIS and ASP.Net, and call it a day. All Windows Server 2008 R2+, and most versions of Windows 7, 8.x, and Windows 10 (basically any that's not the "Home" version) include it built in as an optional feature, you just have to turn it on. (Home versions require you to buy the Pro upgrade). Be aware you have to install IIS first, then go back for a second round and add the ASP.net web services after installing IIS.

What domain is it, and what error is showing up when you try?

This was fixed. It's around 90% now instead of entirely full and working. Last night I was getting these lovely messages: [10-Jan-2019 04:11:10 UTC] PHP Warning: Unknown: open(/var/cpanel/php/sessions/ea-php54/sess_n6njqppe900atbc7uaeuqeg0o2, O_RDWR) failed: No space left on device (28) in Unknown on line 0 [10-Jan-2019 04:11:10 UTC] PHP Warning: Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/var/cpanel/php/sessions/ea-php54) in Unknown on line 0

Tommy is broken at the moment due to /var being full. Cpanel was down due to it earlier, though he seems to be back up at the moment.

The /var is full on Tommy again. Can this be cleaned up?

That's probably your software. A lot of programs like Wordpress will redirect you if you visit it from the 'wrong' domain, so you may need to change a setting or edit the database to update the domain name. To prove it, you can rename your index.php file, if the redirect goes away, your software is to blame.

You're correct, we generally don't install the updates for cP. cPanel's updates are primarily feature enhancements anyway, so there's little in the way of issues there. The major things that need updates are PHP, Python, Apache, Tomcat, etc. and those do get updated when possible. Our other big issue is obsolescence. Our custom software is one major reason, but the ancient hardware is another one. The software coming out these days isn't designed for hardware from the mid-2000s. Our oldest server is ~13 years old (Stevie/Ricky), and our youngest is going on 8 (Eddie/Tommy). Software today is optimized for hardware made in the past few years... As our hardware ages, they become less and less capable of running the newer versions of cPanel that weren't designed for them. Take Ricky for example...he used to be blazing fast with a significant number of accounts back when he had 11.31 on him. After he was rebuilt due to disk failure, we were forced to upgrade him to one of the 6x versions (cPanel does not allow you to install old releases). Now we get significantly fewer accounts on that server before it becomes slow enough to be unusable, which further lowers our revenue from ads shown to users. We do have a slightly newer server (Katie), but it's not advertised because it only contains VPSes (at the moment Ashoat and I share it). The VPSes can be purchased if you wanted your own OS to run whatever software you want: https://heliohost.org/vps (I believe at the moment these go on Eddie, Tommy's hardware, but Katie is I believe also intended for this use).

Nothing was found.

Done.

Hm, lets see what's causing the load. We'd rather you know how to fix this before we unsuspend you. Lets see what Krydos says.

Unsuspended.

Done. You should now be able to log in and your website should be working again.