wolstech

Your account has been unsuspended. Please clean up the issue within 24 hours. I'd also recommend you change your cPanel password and the passwords for any other software you have installed on your website.

/usr/bin/php /home/andydunn/public_html/blog/wp-includes/js/gallery63.php It looks like WordPress got hacked. These messages were sent by PHP. Hacked WordPress is probably the #1 cause of a spam suspension here at Heliohost. WP is infamous for it's security issues and the number of "free" themes/extensions that come with backdoors). I would recommend that you delete your entire WordPress site and replace it with another CMS. If you insist on keeping WordPress, avoid themes and extensions from dubious websites (they're "free" because they're supported by the malware/backdoor included them), and keep everything up to date.

Change localhost to 127.0.0.1 For some reason, localhost doesn't point to localhost anymore

I just realized you're on Stevie. The localhost thing is a Johnny problem. You just have an invisible database. Krydos needs to restore it for you. Escalating.

OK...I don't see you listed in the firewall list, but it won't reset in the admin tools either. Escalating.

Stevie is bouncing up and down (probably a DDoS based on the appearance on the monitor). I'll reset your password and email it to you when he comes back online.

It means the cPanel monitor is broken. The database server is working fine. The problem is actually that localhost no longer points to 127.0.0.1 like it should. Change your script's database server to 127.0.0.1 instead of localhost and see if it works. If it does not, check in PHPMyAdmin and verify that the database exists and has content like it should. If it's empty or missing, let me know its name so I can escalate this for you.

You were suspended for inactivity. I've renewed it. Try now. That suspension was probably related to the outage we had and some changes we made during that time, not you. I also was suspended immediately after the outage ended.

Krydos will know for sure whether these are actually issues for us. Let's find out.

We already have an antivirus that is updated and run regularly...people get suspended for shells and similar all the time. As for the kernel issue, I don't recall it ever being updated in the time I've been here. OpenSSL is also old and lacks support for new standards...and everything else on both servers is ancient too. To be honest, I don't think anything we use aside from the AV is current. We don't update because the updates like to break things, especially cPanel. There's also user websites that rely on the older versions of things like PHP. As a result, we use what cP recommends and what is backwards compatible...much of which is not recent.

Mysql is an issue there, but the bottom three are normal. Krydos mentioned elsewhere that the host name for database connections needs to be set to 127.0.0.1 for right now, localhost doesn't work for some reason.

That's cPanel's way of saying the username or password is wrong. Could be a ton of things: Entered info actually being wrong, you being blocked by the firewall, you being suspended, the list goes on... What's your account's username?

Not sure what's going on here. I've seen 2 or 3 people with mysql issues now though...Johnny did crash last week (hence the down time), so I'm wondering if mysql is hosed again... Escalating.

This support request is being escalated to our root admin.

I no longer see the account in the system. Give it 24 hours for the DNS to clear out, then sign up on Stevie.

Firewall blocked you. Escalating to have it unblocked.

What's your domain, username, and the name of the affected database?

Removed.

What is the username of your hosting account?

This support request is being escalated to our root admin.

Johnny has 5.4, and the new box that we haven't set up yet should have 5.6 when it finally becomes available. I don't know if we'll ever update Stevie. If we do, I'd expect 5.4 or maybe 5.6. It's had 5.3 for the 5 years I've been here though, so who knows when that'll happen.

It was indeed for spam. Escalating. We have received a complaint about your account. Please investigate and fix within 24 hours. Hurricane Electric Abuse Department support@he.net From scomp@aol.net Thu Mar 31 03:47:12 2016 Return-Path: &--#60;scomp@aol.net&--#62; X-Original-To: report@abuse.he.net Delivered-To: report@abuse.he.net Received: from smr-a01e.mx.aol.com (smr-a01e.mx.aol.com [204.29.186.241]) by abuse.he.net (Postfix) with ESMTPS id 1898C540134 for &--#60;report@abuse.he.net&--#62;; Thu, 31 Mar 2016 03:47:11 -0700 (PDT) Received: from scmp-d012.mail.aol.com (scmp-d012.mail.aol.com [172.29.189.81]) by smr-a01e.mx.aol.com (AOL Mail Bouncer) with ESMTP id 94EE038000AB for &--#60;report@abuse.he.net&--#62;; Thu, 31 Mar 2016 06:47:10 -0400 (EDT) Received: from scomp@aol.net by scmp-d012.mail.aol.com; Thu, 31 Mar 2016 06:47:06 EDT To: report@abuse.he.net From: scomp@aol.net Date: Thu, 31 Mar 2016 06:47:06 EDT Subject: Email Feedback Report for IP 65.19.143.2 MIME-Version: 1.0 Content-Type: multipart/report; report-type=feedback-report; boundary="boundary-1138-29572-2659438-3927" X-AOL-INRLY: stevie.heliohost.org [65.19.143.2] scmp-d012 X-Loop: scomp --boundary-1138-29572-2659438-3927 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit This is an email abuse report for an email message with the message-id of 015CB0BE-CEE2-596C-8079-37C5C2231ED1@cherio.cc received from IP address 65.19.143.2 on Thu, 31 Mar 2016 04:01:28 -0400 (EDT) For information, please review the top portion of the following page: http://postmaster.aol.com/Postmaster.FeedbackLoop.php For information about AOL E-mail guidelines, please see http://postmaster.aol.com/Postmaster.Guidelines.php If you would like to cancel or change the configuration for your FBL please use the tool located at: http://postmaster.aol.com/SupportRequest.FBL.php --boundary-1138-29572-2659438-3927 Content-Disposition: inline Content-Type: message/feedback-report Feedback-Type: abuse User-Agent: AOL SComp Version: 0.1 Received-Date: Thu, 31 Mar 2016 04:01:28 -0400 (EDT) Source-IP: 65.19.143.2 Reported-Domain: stevie.heliohost.org Redacted-Address: redacted Redacted-Address: redacted@ --boundary-1138-29572-2659438-3927 Content-Type: message/rfc822 Content-Disposition: inline Return-Path: &--#60;[redacted]@cherio.cc&--#62; Received: from stevie.heliohost.org (stevie.heliohost.org [65.19.143.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mtaig-aab02.mx.aol.com (Internet Inbound) with ESMTPS id DF85C70000083 for &--#60;redacted&--#62;; Thu, 31 Mar 2016 04:01:28 -0400 (EDT) Received: from [194.9.226.139] (port=13232 helo=[127.0.0.1]) by stevie.heliohost.org with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.82) (envelope-from &--#60;[redacted]@cherio.cc&--#62;) id 1alXY5-0003Mr-AB; Thu, 31 Mar 2016 01:01:23 -0700 From: "Cassey Mitchel" &--#60;[redacted]@cherio.cc&--#62; Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Mime-Version: 1.0 (1.0) Subject: Hello! Message-Id: &--#60;015CB0BE-CEE2-596C-8079-37C5C2231ED1@cherio.cc&--#62; Date: Thu, 31 Mar 2016 12:01:17 +0400 To: redacted@yahoo.com, redacted@gmail.com, redacted@gmail.com redacted@gmail.com, redacted@hotmail.com, redacted@gmail.com redacted@ymail.com, redacted@gmail.com redacted@aol.com, redacted@icloud.com X-Mailer: iPhone Mail (12H143) X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - stevie.heliohost.org X-AntiAbuse: Original Domain - aol.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - cherio.cc X-Get-Message-Sender-Via: stevie.heliohost.org: authenticated_id: [redacted]@cherio.cc X-Source: X-Source-Args: X-Source-Dir: x-aol-global-disposition: G Authentication-Results: mx.aol.com; spf=pass (aol.com: the domain cherio.cc reports 65.19.143.2 as a permitted sender.) smtp.mailfrom=cherio.cc; x-aol-sid: 3039ac1a7ec256fcd958201d X-AOL-IP: 65.19.143.2 X-AOL-SPF: domain : cherio.cc SPF : pass Yo, gorgeous boy! I think that ur social media page is so awesome. Do = you wanna watch my sexy nudes? If so, just type me to this # plz - 801= 742 seven seven four one. --boundary-1138-29572-2659438-3927--

The developer tools in your browser will likely help you find out what CSS file didn't load and why (odds are it's a 404 error caused by an incorrect path in a file somewhere). In Chrome, you can see resources and what failed to load by right clicking the page and "Inspect", then look in the console tab of the developer tools. Firefox should be similar. Not sure about IE.

Indeed suspended for high load... You've been unsuspended. Just make sure you fix the script.

It means you already have an account.