Jump to content

wolstech

Chief Risk Officer
  • Posts

    18,215
  • Joined

  • Last visited

  • Days Won

    695

Everything posted by wolstech

  1. wolstech

    MetaBase

    We don't support self-hosting jar files (ones that you just run and have their own built-in server), so no it's not. It would need to be offered as a .war file meant to run through Tomcat in order to be hosted here.
  2. Great Correct on those usernames. Your account's username is scmddm, that's what you need to use. For reference: Account usernames only allow [a-z][A-Z][0-9] and are limited to 8 characters (symbols are stripped and longer names are truncated). This limit does not apply to extra FTP or email accounts you can create in cPanel, only to the hosting account username itself.Passwords are limited to 18 characters (longer may work but has been historically shown to break certain features).
  3. Mine was hacked, and it had a plugin that replaced the login system (it was a minecraft site, it uses a minecraft account to sign in...). The files were not renamed, but the users table he edited wasn't even being used except for options. The actual authentication was done against a server run by Mojang (er, Microsoft now), not the password field in the database.
  4. It was for high server load due to your WordPress installation being compromised by malware. We've been seeing a lot of this on websites that run WordPress lately, because just about every WP site on Tommy got hacked by someone named "AnonymousFox" last week due to an unfixed security hole that affects even the latest versions of WP. There is no fix for the security issue aside from removing WP altogether, as WP has not released a patch (in fact, they're actively denying an issue exists despite reports from users across the world on numerous hosts reporting this exact hack by "AnonymousFox"). The hackers are using the compromised installs to set up Phishing sites. Please delete your WP installations immediately before they go phishing. If they start hosting a phishing site, your account will be permanently banned, which will result in the loss of your account's contents and require you to sign up again. To help prevent the hacker from accessing the compromised WP installation before you delete it, I've put a deny from all in your .htaccess file to prevent them from being accessed. As a reminder, we do not recommend using WordPress. It has the worst track record for CMS security of any CMS available today, and is regularly compromised.
  5. @petr: There isn't. You have to delete your account and sign up again, hoping you can get an account on a server other than Johnny at midnight, then restore backups. Donors can have an account actually moved as opposed to the delete-and-signup-again process, but this is not offered to free users.
  6. DOS 32 Connections It's the firewall trying to keep the server from crashing due to an attack. Nothing you did. Not using FTP and not refreshing your site rapidly would probably reduce the likelihood of this happening. Unblocked.
  7. The free midnight registration for tommy only lasts for a few seconds each day due to demand, so it's virtually impossible to get without trying numerous days in a row. Donating will get you one in the form of an invite email though.
  8. Your account has been moved to Tommy.
  9. It's WordPress...it's garbage. WP notorious for terrible performance and also has one of the worst track records for CMS security...just about any other program out there is faster and more secure than the steaming pile that is WP. Find a proper CMS and you'll be much happier with performance. Others here have reported good success with Joomla or just writing their own. Drupal is another commonly recommended one, but I can't speak to it as I haven't used it myself.
  10. It's not blocked on our end. Note that it may take sometime for the unblocking to be effective.
  11. Unblocked. It wasn't caused by anything you did. It's out firewall being sensitive due to DoS attacks.
  12. Was just about to say "The files don't exist." which would be the case if they'd been moved. Glad to see you figured it out.
  13. That's actually what I did, though it wasn't a blog in my case. I just added some code to a plain free html template so content came from a database, and added a very basic editor for such content. Been using it for 7 years with no issues...
  14. Because the attack is still ongoing. The rebuild wasn't due to the attack, it was due to file system corruption.
  15. Let's have Krydos set this up for you.
  16. We don't recommend using WP at all. We never have, and never will. It's notorious for crap like this, and has one of the worst track records for CMS security...just about any other program out there is more secure than the steaming pile that is WP. The hack in question does seem to affect the latest version though, as several people (both here and other places online) reported that fully updated, no-extension installs were compromised by AnonymousFox. Last I heard, WP is denying an issue exists though it quite obviously does based on the numerous reports across the web.
  17. Lets have Krydos install this for you. Moving so he sees this.
  18. It can't be sent because an account with that email address already exists. You need to delete your old account first: http://heliohost.org/classic/support/scripts/delete
  19. It means the domain's listed on the certificate don't match the domain using the certificate. That's fairly normal if AutoSSL hasn't run or has failed. I'll take a deeper look later.
  20. Done. You should now be able to log in and your website should start working within 12 hours.
  21. The email should have already been sent. Did you not receive it? It was sent to the same email address that's on your forum profile (note that they tend to go to Spam, so check that folder for it, the email looks exactly like the invite you got when you first donated). And yes, you were on Tommy. Stevie was an old server we no longer have (it crashed, the repaired version is called Ricky).
  22. Recently, most if not all WordPress installations on Tommy were compromised by a hacker called AnonymousFox. Your account is banned for phishing because your WordPress installation got hacked and was later used by the hacker to set up a phishing website. I've released your domains and sent an invite for a new account to the email address on file. Please restore your account using a backup (we cannot restore your data from your old account because it contains malware and stolen information). As a reminder, we highly recommend that users not use WordPress. WP and it's extensions are notorious for having security issues such as the one you (and everyone else on Tommy) experienced, and it's widely considered one of the most hackable CMSes out there. Using a different program will help prevent this from happening again.
  23. You already have an account, so you can't create another one without getting suspended for having multiple accounts (our TOS only allows you to have one account). But yes, we are. Note that they're nearly impossible to get for free though. We do offer free accounts at midnight UTC each day, but these usually go in seconds. Donating is the only way to get one easily.
  24. Still being hit by a ddos attack...I can try moving your account to another ip when I get a moment, but I can't guarantee that your Java will work if I do.
×
×
  • Create New...