wolstech

The only thing that it does is cause it to go down. The account basically gets packed into a zip file and put away. When the archive is restored, your account gets unpacked and put back the way it was before archiving and starts working again. We don't officially offer any way to prevent the archiving other than logging in, which is a bit difficult since you don't have regular internet access. Lets see what Krydos says about this.

The DNS records for all of them were missing. I created them, but now we need to wait for propagation to confirm that fixed it...

You don't have an account that I can find. What's your user name?

The databases have been placed in your home folder.

The 2FA is known to be incompatible with our activity tracking system... Current workaround is to remove the 2FA and change your password and your logins will start counting again. There another topic in escalated for this issue, it’s still unresolved. I’ll move yours there as well.

No it will not be. The IP is shared and is determined by the server you’re on unless you had purchased a dedicated IP (in which case we can move the dedicated IP). Note that we don’t officially support using an IP to access your account anyway. If you’re using the supported configuration that uses our name servers, it will update automatically when the account is restored on a new server.

What link are you using to sign in? You need to use either https://<server>.heliohost.org:2083/ (with nothing after the slash), or https://heliohost.org/login/ Also, do you have the 2FA enabled? We recently discovered that 2FA is incompatible with the inactivity tracking script and causes logins to not count regardless of how you log in (there’s a case over in Escalated regarding this issue, it hasn’t been looked at yet to determine if it’s fixable, disable the 2FA for now as a workaround)

We don’t recommend Wordpress. It’s a security disaster and hack waiting to happen. I would just replace WP entirely. Also for what it’s worth, this site was showing a 500 error earlier when I checked it...the thing sat for minutes loading then threw the error, probably due to php exceeding its max execution time limit.

Donors can request that yes. Anyone donating $1 or more can have an account moved to their choice of server. Tommy is faster than Ricky, so most people go there unless they have a specific need for Ricky (it's usually due to Django or flask, since these differ). We can also just send an invite if you prefer to start over instead. If you don't mind doing the restore work yourself, you can get a free account on these servers at midnight UTC instead, then unpack the archive and restore your content manually. Ricky allows more users per day than tommy, so that's the one to go for if you want to go the free route. Tommy fills in seconds usually, but Ricky usually has accounts available for an hour or so. If yu decide to donate, please post an transaction ID and we'll get you moved.

Files from accounts involved in a hacking attempt cannot be recovered because it may contain illegal or stolen information. I'll take a look at the databases when I get a chance.

WP themselves has been making an effort to actively deny this hack happened. They deleted numerous posts on their forums, and the hacker one reports just get closed saying no bug found... Meanwhile, just about every single WP on tommy got hacked. We found an account that we believe was the launch point for the attack. For Wordpress, it's known to work on the latest version with no extensions installed. There's reports of it from other users and hosts on WPs site back to June of 2017, so this has been around for a while and remains unfixed. The results of the attack are malware shells all over, modified index.php, and a php.ini file being dropped in several folders (useless on our servers, we don't allow ini overrides). Some accounts have a folder called index or config dropped in their public_html, generally also containing the above malicious files. Accounts that were actually used by the attacker after infection generally had a Paypal phishing site set up somewhere within wp-admin or the themes folders. A number of them also had a spambot known as leafmailer uploaded, which was then used to send phishing emails to get people to visit the aforementioned phishing websites. We began noticing the issue when tons of people were suddenly being suspended for high load or too many emails...then abuse reports for the phishing sites started coming in and we were having to hand out phishing bans to a large number of our longtime users' accounts. That's when we investigated and determined it was a mass hack...since the hack was easily detectable on an account, a mass-ban of all hacked accounts promptly followed.

No problem. I was confused the first time I got one too...that was back before I was here and I had no idea how it happened either.

Received: from [171.249.69.200] (port=12195) We don't own that IP (it's somewhere in Vietnam), which means you're the recipient of the spam, not the sender. A lot of spammers do this...they put the recipient in both the From and To fields to hide their origins. The recipient receives a mail that appears to have been sent to themselves. The domain they want resumes sent to resolves to an IP in Indonesia (a world-leader in Phishing operations), so I'm not surprised. The MX records for that domain point to mail.swisswatchshop.info, which in turn points to a server in Russia. TL;DR: Someone sent you phishing email. Just delete it.

All Johnny accounts are intentionally archived due to scheduled maintenance and cannot be restored at this time. Please see https://www.helionet.org/index/topic/33812-johnny-maintenance/ If you're a donor, we can restore it on a different server if you wish. If you want to download the content for free, see this topic: https://www.helionet.org/index/topic/33871-johnny-backups/ In addition, I see you have 2 accounts which violates our Terms of Service. When the server is repaired only one of your two accounts will be recoverable and you will need to decide which one you want to keep.

All Johnny accounts are intentionally archived due to scheduled maintenance and cannot be restored at this time. Please see https://www.helionet.org/index/topic/33812-johnny-maintenance/ If you're a donor, we can restore it on a different server if you wish. If you want to download the content for free, see this topic: https://www.helionet.org/index/topic/33871-johnny-backups/

That's because your account is archived. It cannot be unarchived either due to maintenance. https://www.helionet.org/index/topic/33812-johnny-maintenance/

It's intentional due to planned maintenance and cannot be unarchived at this time. https://www.helionet.org/index/topic/33812-johnny-maintenance/ If you want to download your content, see this topic: https://www.helionet.org/index/topic/33871-johnny-backups/ If you're a donor, we can move you to another server and restore it there. Please provide a transaction ID if this is the case. Minimum donation is $1.

That's to be determined, but I wouldn't expect it to return any time soon. Johnny has a severe memory leak, so it's possible that we end up rebuilding him yet again (that'll be round 5...) See here to get your content-https://www.helionet.org/index/topic/33871-johnny-backups/ Alternately we can move you to another server if you're a donor.

It likely failed. A lot of them do this if the old account isn't comlpletely cleaned out of dns beforehand. What was the new account's username so I can check the logs?

See https://www.helionet.org/index/topic/33812-johnny-maintenance/ There is no estimate for when it will return. It has a rather severe memory leak and may end up being rebuilt again (that'd be round 5...), so I wouldn't expect any time soon. Also, I would like to remind you that Johnny is an experimental server and is not intended for production hosting. If extended downtime, random quirks, crashes, or unexpected maintenance are problematic for you, Ricky or Tommy are better choices for your account.

There's two issues here. First, an email cannot have two accounts associate with it, so you'd need a new invite. Second, you're only allowed one account. Creating the second one violates the terms of service. Since you made the donation and manage it for your father, it's effectively your account, just hosting someone else's site (I do the same thing for people I maintain sites for on mine). What you need to do is use an addon domain on your existing account so you can host a second site on it. If your donation is $5 or more, I can add an extra GB of space for you (please provide a transaction ID so I can check).

It's intentional. Take a look at https://www.helionet.org/index/topic/33812-johnny-maintenance/ and https://www.helionet.org/index/topic/33871-johnny-backups/

You can change it after signing up with the invite. In cpanel, there's an option in the last group at the bottom for contact information.

Krydos would be the one to answer this, so I'll move it and let him explain the details, but most of that money goes to Hurricane Electric though ($400 IIRC) with the rest going towards software licenses, domains, etc. For what it's worth, we haven't had a month in the black since last year. We have money in the bank to operate for a while yet (2 years or so), but we're far from sustainable and if this trend continues, we will eventually end up going bankrupt. Google Adsense used to be our primary funding source, but they no longer allow us to use their ads on our main pages (our website, suspended pages, etc.), erroneously claiming there's "no content"...and of course being Google, there's absolutely zero customer support to speak to about that.

It's not inactivity, it's intentionally disabled due to maintenance. Please see https://www.helionet.org/index/topic/33812-johnny-maintenance/