wolstech

Seeing all of these should ultimately point to the same file, forget all the fancy logic and just use an absolute path. Includes are based on path from filesystem root, not web/document root, so the absolute path to the file would work regardless of which domain is used. If I'm following the code correctly, you should be able to just replace all of that with: <?php require_once('/home/sgn/public_html/nm/public_html/mobile/global/header.php'); ?> If you want to be nice about making it editable/movable later, set a variable containing the "/home/sgn/public_html/nm/public_html/mobile/global/" part in your config file (I'd personally just do it in the same one that has my database settings) so you can edit that path later if you need to move the scripts, without finding all the require_once() statements and editing them.

This is considered bad practice for exactly the reason you're experiencing...it requires modifying system properties. The other issue is that by doing it that way, it affects the entire server instead of one program. The proper way to do this is to just do use an include() or require() where the header and footer belong, or more often than not just call a function that echos the content from the database.

@krydos: All domains with whoisguard appear to be in panama. I have the same exact contact info on my domains. The email addresses listed (if they're listed, its optional, i don't see them here) are aliases that forward to the registrant. I've received emails from them before...they're noticeable because they have a banner at the top advising you that your email address may be revealed if you reply.

You could use freenom to start with. Just be careful with them, they like to cancel your domains or ban you without notice. I've lost 3 domains and been banned once, Krydos I believe has had similar experiences... As soon as you start to see a decent amount of traffic or if it's down for more than 48 hours (server outage, 404 or 500 errors, whatever), they're prone to canceling your domain, serving malware on it, then trying to demand money to get it back. When I lost my domain, I just bought the matching .com from namecheap and called it a day...it cost less (~$25 for two years, including the whoisguard and ICANN fees) and is actually mine, as opposed to the crap Freenom does with their free domains (you don't own their free domains, just get an easily-revocable license to use it).

If I had to guess, the domain probably was used for malware distribution before you owned it. The best you can do is either see if you can find who has your domain flagged and see if there's a way to request the site be re-evaluated, or just get another domain. Domains ending in cu.cc in general are very commonly abused to host abuse/malware/etc. since they're free, so some companies actually block everything ending in cu.cc (or even the whole .cc namespace that .cu.cc is part of...a large majority of the stuff in that namespace is malicious or illegal in some form). If you want a proper, reputable domain, you should go buy a regular .com/.net/etc.

@Krydos: The error is occurring when he tries to import a (very small) .sql file into PhpMyAdmin. It's not a regular file upload.

Generally, a proper CMS would store the entire TOS body as a content block, in a single row of a table that also stores all the other content. Pretty much nobody has an entire table just for one page. I'd recommend just using plain HTML for this. You're over-complicating it by trying to do it this way. P.S. I can't even see your site without turning off my security software...that netmate domain is blacklisted by multiple security companies for malware. For me, it's blocked at work by Sophos and MalwareBytes, at home by MalwareBytes and Avast.

We don't endorse this type of behavior, not to mention it's illegal. Please report them to the relevant hosting company and registrar abuse addresses.

Use a desktop browser and it will work. It seems to be a limitation of Android and iOS...I just tried it on Chrome for iPhone and it gave an error message. it works in Chrome, IE, and FF on my PC though.

My Chrome displays the content fine. http://imgur.com/a/AghPT It's possible your browser is set to download application/xml instead of viewing it.

Krydos might be able to increase this. I know we did so for public-facing PHP. 2MB is nearly useless for a database upload. Escalating.

The account was inactive, odd that the script didn't work... Your account has been manually unsuspended.

The email address you provided is not correct (we have an outlook.com address). That domain belongs to an account tarings2 which is working, though there's nothing uploaded to it. Have you tried resetting your password? Go here: https://tommy.heliohost.org:2083/ and click reset password.

Krydos has to allow it specifically for each user and database now. What is the database name and what IP will it be accessed from?

If I'm reading it correctly, it also requires users have a paid Business or Enterprise plan unless we can qualify as an "optimized" hosting partner (not sure if/how that's different from the partner program we already participate in). It's not really worth it anyway in my experience: I manage a website for someone that runs on a hosting company that has Railgun capability...I didn't notice any meaningful difference with it on or off, other than file uploads going corrupt and cache going stale more often with it on. Could be a hosting company issue though...that host leaves a lot to be desired, so much so that I recently discussed migrating to Tommy with them...

This support request is being escalated to our root admin.

Joomla is a fairly popular alternative to WordPress. There's also a bunch of lesser-known ones out there too, but they have fewer choices for expansion. If you really want to restore WordPress, just don't get plugins off of random websites (these dubious "free" plugins are actually funded by the malware). Use reputable sites like the official https://wordpress.org/plugins/ and https://wordpress.org/themes/ to look for such stuff. Also be sure to keep everything updated since the updates often fix bugs and security holes that can be used to infect websites.

Most of those records aren't used for web content (e.g. ftp, webdisk, and cpcalendar) and might break if you tried to put them through cloudflare. FTP clients for instance need the address of the FTP server, not a cache, or it would break. If I touched any of them, I'd turn on the ones for that first A record (already on for you), www (already on for you), cpanel and webmail.

This support request is being escalated to our root admin.

Nothing. It will just be left suspended indefinitely until it gets deleted for disk space (when our server fills up, we delete inactive or suspended accounts with the oldest last login dates to make room). If Krydos is ok with it, we can remove your domains from the account so you can use them to sign up again. I'd recommend finding new software though if he allows that. WordPress is far too easy to hack in my experience...half the themes and plugins out there are disguised backdoors, and the ones that aren't usually either have security holes in them, aren't maintained, or are regularly left un-updated by users. There was actually a point last year where WordPress was to blame for 90+% of our spam suspensions. @Krydos: Can we remove her domains from this account or will she need to go elsewhere?

You ran WordPress if I remember right. That's what's infected and caused this. If we did back it up, the backup could infect another server if you try to use it. We highly recommend users do not use WordPress for this exact reason...it gets hacked too easily. It's up to Krydos whether he's willing to back it up for you, but as listed now, it says "Do not backup."

It's https://tommy.heliohost.org:2096/ I was unaware it was ever accessible on port 80...

There actually isn't any easy way to do this right now, at least not for high-volume hosts with smaller servers like us. We've talked about making a custom cP plugin for this, but we don't have any timeframe for that (if it happens at all). The problem is that we create 100s of accounts a day. The only plugin they offer themselves is a provider for WHM that would create certificates for every single account and domain on our system. That would normally not be a big problem, but they limit the service to 20 certificates a week. For reference, we've created more than twice that number today alone...and the day still has ~10 hours left. The way we're using cPanel is not normal either, so 20/week might do for regular hosts but is severely undersized for us. For perspective, cPanel's own support staff told us we had managed to host more accounts on a single physical server than anyone else using their product (10,000+ accounts, their recommended limit is ~400...) Besides, not everybody uses HTTPS, and I suspect the servers (especially Charlie and Stevie) wouldn't be able to handle the load if every single domain was using HTTPS. The way it is now, only users who actually want to use it will set it up.

Gotcha. Yeah, that's a good reason for a dedicated IP. Tommy's shared IP ended up on CBL the other day due to what I believe was WordPress malware.

Escalating to have this installed. Also, while there are other reasons to have one (such as avoiding email issues when the shared IP ends up on spam blacklists...), please note that you don't need this for SSL anymore. Our servers all support SNI now.