wolstech

Yep, someone hiding behind CF is hammering away at cPanel. Its worth noting that CF offers app hosting too, so it could be malware that someone made and is using CF to run. Similarly, it could be someone beating on cPanel through a domain that’s protected by CF. Every domain hosted on a server can access cPanel via port 2083, so its a matter of flooding such a domain with POST requests (actually trying to view cP through such a domain should redirect to the server domain). TL;DR: someone is causing CF’s servers to send us bad login attempts. It could even be multiple people considering the limit is only 5 tries in an hour...

It just shows them as Failed cPanel Login, which means someone connected to a site through CF is entering bad usernames and passwords. It could be anybody that region of thje world, accessing any site that has CF on it. Doesn't even need to be your account being hit since all the traffic comes from the same source in our eyes. At the end of the day, CF basically amounts to a really large distributed caching reverse proxy...the firewall is so basic that it has no understanding of such things and thinks its just seeing a user from the internet at large, not a network with hundreds of thousands of users that ultimately share an IP address when it comes to visiting your site.

I unblocked the UK, France, and Poland data centers again (same ones that were blocked last time). They're getting blocked for bad passwords against cPanel. I'm not sure why, but it's always these 3 data centers. Most blocks are from the 162.158.0.0/15 range. You're on Tommy anyway, is there a reason you need CF? The performance should be just fine without it. Johnny and Ricky users are the ones who really benefit most from using CF...

Done. You should now be able to log in and your website should start working within 12 hours.

Done. You should now be able to log in and your website should start working within 12 hours.

The account ayoub99 does not exist.

The username isn't available because your forum account already has it. I'd need to rename the forum account, then you need to delete your hosting account and sign up again to change it if you really wanted that back. As for the domain, it should be available. I don't see it attached to any account and there's no DNS records for it.

The suspended page will go away when Apache next restarts. When an account is unsuspended, the website doesn't always immediately work again...

See https://www.helionet.org/index/topic/29275-tommy-signup/?do=findComment&comment=148873

Sent. Thank you for the donation.

English: That's a new one... Please check your email for a new password. I've reset it manually for you.

Your account was suspended for causing high server load. I have unsuspended your account, but please try to limit the load you put on our servers as it slows down not only your site, but the sites of all other HelioHost users sharing your server. If you still see the suspended page, please clear your cache. If you need help figuring out why your site is causing such high load let us know and we can try to help. If the high load is simply because your site is getting a lot of traffic you might consider trying paid hosting from our partner starting at only a cent for the first month. https://www.heliohost.org/partners/hostgator

It's suspended for inactivity, which is why it won't reset. I renewed it, try it again now.

That link won't count because it ends in .html. Use this https://tommy.heliohost.org:2083/ (with NOTHING after the 2083/ ) and it'll count.

If it was a new domain or you were switching certs a lot, the AutoSSL probably hadn't had a chance to get a certificate for it. It takes up to 24 hours for our server to get it, and 2+ hours after installation for the cert to go into effect on Ricky. They're not instant. Also, the www thing is actually untrue. While many consider it expected that sites support the www as an alias for the domain's main content, not all do. Furthermore, unless the site's server is misconfigured, it's not at all required for a site to function. Similarly, most don't realize that search engines don't care if it's there or not. They care about the content of the page. The domains are picked up through registration data and links nowadays, and domain registration data definitely doesn't define the www (the www comes about from a CNAME DNS record). Many newer websites also redirect away from it as soon as you visit, and www especially doesn't apply to third-level domains like we offer for free (cPanel does create them though, since it treats all domains the same and a user with a normal example.tld domain would want it). Take a look on google for the many of the other websites we host. Their google results all list without www...

Please post the actual domain in question.

I don't think so. It appears to apply to the entire server, and they specifically note that the server won't accept non-CF HTTPS connections after installation. That means that installing that would completely break HTTPS support for the entire server. If it can be configured per-vHost, it may be doable...but would require custom configuration by Krydos for each domain you wanted it on. I'd suggest just using full SSL.

You should be able to write your own logs anywhere Tomcat has permission to write, though the contents are limited to whatever your program is coded to log. The actual Tomcat log can't be redirected. Note that if you decide to implement your own logs, Tomcat runs as a different user from your account and is not in your group, so if you create a folder in your homedir for logs or other data you want your War file to work with, be sure to grant "other users" write permissions to it so the Tomcat user can save in there. Tomcat can run on HTTPS, but Krydos has to set that up for you. Be aware that if we enable HTTPS for you, the HTTP connection to it will no longer work. You can't have it both ways unfortunately, since providing both would mean you would take up two Java slots on the server, reducing our available slots for other users.

Remove the useSSL=true. We don't support ssl connections to MySQL. Also, I'm assuming you've made sure to assign the user to the database in cpanel (a lot of users miss that step)?

That account does not exist. Please note that if you were on Johnny and your account was not archived prior to the beginning of May, it was deleted during the recent server rebuild. You may be able to get a copy of the contents from https://heliohost.org/backup/ (there is an account called richhack that may be yours in that system).

He's been rebuilt, but yes it's up again. The initial sign ups for it should come around in the next few days or so.

You can't since they're shared by the entire server. As a result, they contain private information from other users as well. If you need logs, Krydos has to get and post the relevant sections for you.

Did you actually tell it to deploy? The page where you requested Java has a form where you need to specify the war file. The Wiki article where you need to request it on the forums only applies to Johnny.

That's because you're on Tommy. Reset your password here and see if you can log in: https://tommy.heliohost.org:2083/resetpass?start=1

It could. The block reason we see is I think based on the cause of the last failed attempt, as I've definitely seen others say the same thing (failed cPanel login, but it turned out to be email or FTP at issue).