wolstech

A new account will have the same issues. You can try deleting a bunch of your Wordpress extensions, that may help. There's zero reason to use WP these days though, and it's also VERY insecure. There's at least one unfixed major security vulnerability in it, considering we recently had to ban just about every Wordpress user on tommy after a single attacker hacked all of them in a span of hours, then set up phishing on them... Find non-Wordpress software and this issue will go away entirely. There's no reason you HAVE to use WP, there's tons of alternatives out there. You just need to find replacement extensions and the like to do what you want. Joomla is the most common alternative, though Drupal also makes a good product.

What's your new account's username? If you didn't create one, let me know and I'll send you an invite to create it. The backup file you mentioned does not exist. One database named csngm_wp301 was recovered successfully. Please let me know your new account's username and I'll leave that in your home folder for you.

The malware would not affect zip files, so I should be able to grab the old backup for you when I get a chance to look at it.

That usually happens when it fails. Krydos needs to get the logs for you so we can find out why...

Did you change the permissions to make it executable, place it in the cgi-bin folder, and use unix line endings? Those three are the most common issues.

It's intentionally disabled due to scheduled maintenance. https://www.helionet.org/index/topic/33812-johnny-maintenance/

Krydos might be able to enable this...lets find out.

You can't get the files back, period. They're full of malware from the attacker and stolen information from the resulting phishing site now, so returning them to you would be both dangerous and illegal. The database can often be recovered though, I'll take a look when I have some time.

Today

Is there a specific file or database you need? We cannot recover the cms install due to malware, but we have been able to get individual files or databases if you need them. Note that if you want the database, the users table and any others containing sensitive information will be truncated before they're delivered.

You should have received an email with a link to create a new account. Check your spam bin for it. Gmail likes to send these invite links there. As long as you use that link, the server won't appear as full. I just resent it in case it got lost. As for the databases, there should be .sql files in the package that can be restored through cpanel to create the databases again. And we didn't close your account because we wanted to, we did so because it was serving a phishing site and we are required to remove such content by law. Phishing and spam are illegal in the USA, and that's what the hacker who compromised your account was doing with it (all of the compromised accounts were hacked with the goal of turning them into phishing websites). You should blame whoever made your cms software (likely Wordpress) for failing to fix security holes. This hack has been around for about a year...

The domain for xlory61 has been changed to bertanbey.tk. The contents of public_html have been discarded. The database xlory61_porn64db has been dropped. The account xlory61 has been unsuspended.

Space has been added. Thank you for the donation If you don't see it, log out and in again and it should show up.

Just donate the $5: https://www.heliohost.org/donate/ Post the transaction ID and your username once you donate and it can be added to your account.

IP bans are by IP only, the user account has nothing to do with it. It was blocked for failed web page login, which means you probably have a password protected folder somewhere and used the wrong password on it too many times. Unblocked.

The IP you posted from is not blocked. Is there a specific IP you need checked?

If I restore this and change the domain, I want the porn gone before I do so, so the content will need to be deleted. Do you mind if I delete the contents of the public_html folder on the account (and drop the associated WP database)?

Specifically, you violated this clause:

$5 gives you an extra 1000MB. The maximum an account can have is 2000MB, so if you already purchased a disk space upgrade, you cannot receive a second one. The fact you need extra space means your site may soon outgrow us. If you can, move your large content like videos or downloads to something like Google Drive and provide a link to them on your site. This is usually a quick and effective way to reduce the size of an account while retaining its functionality. If it's your actual site that's too large (or you simply have too many sites), you may wish to consider paid hosting from our partner, HostGator. Their service includes significantly more space than we could ever provide. First month is only a penny if you want to try it https://heliohost.org/partners/hostgator

See my response in your other topic. You don't need to ask this in multiple places. Locked.

Whenever that maintenance is complete, which is likely to be a month or more at this rate. We have no idea what's wrong with that server other than that it has a memory leak and may need to be rebuilt again. If you're a donor you can be moved to another server immediately, or you're welcome to sign up at midnight UTC for free on another server if you wish instead.

It is actually due to maintenance. We just didn't change the message... If you want to sign up again, you need to use a different username, email, and domain, then use the backup you can download from https://heliohost.org/backup/ to get your content back. Donors can have the archive moved to another server automatically. If you don't want to do either, you can wait the likely month or longer needed for the maintenance, and we'll restore this when it is complete.

It failed due to an issue with our NAS which has since been corrected. Invite resent.

It was blocked for opening too many connections at once, which usually is a result of our firewall being hypersensitive due to an attack. FTP can be especially prone to causing this during attacks. Unblocked again.

We never saw the response. I'll take a look at it in a few...