wolstech

You don't need any of this since we support the normal PHP mail() function: // Define os dados do servidor e tipo de conexão // =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $mail->IsSMTP(); // Define que a mensagem será SMTP $mail->Host = 'mail.heliohost.org'; $mail->Port = 587; $mail->SMTPAuth = true; // Usar autenticação SMTP (obrigatório para smtp.seudomínio.com.br) $mail->Username = $emaildestinatario; // Usuário do servidor SMTP (endereço de email) $mail->Password = "password"; // Senha do servidor SMTP (senha do email usado) $mail->SMTPSecure = "tls"; You don't need SMTP.

Krydos or Byron need to deploy it for you (provided Java has been activated). What is your account's username?

Escalating. @Krydos/Byron: He already tried and failed to clean this once...and we all know the story with WP. What do you think?

Glad to see you figured it out Let us know if you need anything else.

That's because it's suspended for high server load...again. You need to reinstall everything using clean, up to date versions (and then keep them updated), or not use WordPress. Almost every hacked site we see is hacked WordPress, so not using it will probably significantly lower your odds of getting hacked. If I unsuspend you, do you agree to immediately delete everything in the public_html folder (except the cgi-bin folder, which should be empty)?

A variety of reasons. The big one here is that the database already exists and it was damaged by a crash. cPanel doesn't like a lot of things, especially dealing with corrupt databases. They break a lot of things, and also have a bad habit of not fully dropping when you tell them to, even if cP says that it did. If you had used a different database name, it may have worked (provided the new name wasn't previously damaged in some way). In my experience though, you're always better off just making a new empty database then going into PhpMyAdmin and importing your file to populate it.

I can email a new password to the email address on your account. Is this OK (it's a GMX address)?

This support request is being escalated to our root admin.

This topic is old and marked solved already. I would recommend opening a new topic.

Did you park it in cPanel? If so, it takes 24-48 hours to start working. The DNS looks fine, I see the two NS records on the domain and the A that our server returns for Johnny. Also, that activation email must be old...your account is from 2013-01-19 according to the system.

They probably used a backdoor or known vulnerability in WP to do it. When the malware in a theme or extension is used by the attacker, it's not generally accessed through any of the "normal" admin interfaces, so changing passwords won't fix it (and in fact, depending on the malware, it could just get the new password stolen). Very often, such malware is accessed through some hidden URL arguments or by doing something on a C&C server and waiting for the malware to receive the instructions (in both scenarios, the initial malware that accepts these arguments or talks to said server was unknowingly installed by you as part of an infected free addon). The malware's capabilities generally allow attackers to create/alter/delete files and in some cases read/edit your database as well. The reason I recommend against WordPress is because it is difficult-to-impossible to fully secure (especially if you use themes or extensions/plugins), and it needs a lot of maintenance to keep secure. As a result, it is often vulnerable and (based on my experiences dealing with abuse reports and suspensions) is a leading cause of hacked websites here at Heliohost.

Do you want me to manually email a new password to the gmail address attached to the account?

Have you changed your cPanel password? If not, change it now, then log out and in again. Try accessing it through PhpMyAdmin again after changing the cPanel password. If still no luck, you will need to create a new database and restore a backup into it. We lost all the data stored in InnoDB tables in a second crash back in June, so if the database used InnoDB, this is likely the issue, and the contents are likely gone. After you get that working, delete all the database users again, recreate them, and reassign them to their databases.

Wordpress is notorious for its terrible security and for being hacked...in fact, it's one of the leading cause of hacked sites on our service. Usually, the issue is caused by the use of "free" themes and extensions from dubious websites (they're "free" because the criminals distributing them make money using the malware/backdoor built into them to abuse websites for spam or phishing). It's also common for people to forget to install the security updates for WP and the extensions.

Resetting your account wouldn't help (we can't reset it anyway, you just delete it and sign up again). The issue is that something in the code you wrote to implement the API is incompatible with our service, or is broken. The API works fine when we use it, so the server is working fine, and the API is working fine. Your code is broken. Also, have you tried implementing this API by itself in a test file on Stevie (on its own, not as part of WordPress, which I recommend staying away from anyway for security reasons)? Does it work?

There's tons of converters that accept .doc. What format you want to convert to or from?

If it is already deleted, then no. You'll need to sign up again and restore any backups you may have.

Escalating... @Krydos: These look like they are connected to the domain theft incident from 3 weeks ago. One of these accounts is also the one that shares cic.ir with indozona (cic.ir's owner reported their issue yesterday).

Edited. Indeed a bad idea to post your password publicly. I would also recommend he now change his password as soon as Johnny becomes available again. It was actually up for a brief period earlier today before going down again, though that continued downtime might just be normal while Johnny is getting his act together.

This account has been suspended for violation of our one account per user policy which is clearly stated during the creation process of each and every account on Heliohost. A common misconception is that you need a separate account for each website that you want to host, but since Heliohost differs from most free hosts and even most paid hosting by offering unlimited addon domains, unlimited parked domains, and unlimited sub domains one can easily and conveniently host as many separate websites as they wish all from your one free hosting account. If multiple accounts were created to get around our disk space limit we strongly suggest using a free service such as dropbox to host your large images, videos, and downloads while continuing to host your website with us if you wish. If you understand that each user is only allowed to have one active account please let us know which account you would like to use and it can be unsuspended for you. Also let us know if you need backups of any of the data on the other accounts, and if there are any domains on the suspended accounts that you would like to host on your main account because we will need to remove them from the suspended account before you will be able to host them on your unsuspended account. For example: user1: unsuspend user2: backup user3: backup, idontreadrules.com user4: thoughticouldgetawaywithit.org

I looked into this further. Your domain's DNS records suggest your account was on Johnny. From what I can tell, your account likely got lost as a result of the Charlie hardware failure and subsequent account database rollback. The Charlie hardware that Johnny and Cody (the account manager server) ran on failed in July. While we restored an old backup of Cody to new hardware and were able to restore required entries for Stevie, we have no way of restoring the entries for Johnny accounts created since March since Johnny is down. We are sending someone to attempt repairs within the next week or so, however there is no guarantee that we will be able to repair Charlie (and subsequently, Johnny) If you wish to continue hosting your domain here, you can either wait until Johnny is fixed (assuming it can be fixed, we don't know yet), or create a new account on Stevie. If you get a DNS error or a message indicating the domain is in use, please let me know and I can have it removed so you can add this domain to your Stevie account.

Something is very wrong with this domain, which is why we need to wait for Krydos. The system is reporting your domain as assigned to two accounts at once, which should be impossible. He can figure out why this domain is showing attached to a known abuse account and a second account at once, as well as whether you own that second account (the data I can see suggests you do not). Domain cic.ir is currently showing as assigned to indozona, an account recently involved in multiple domain thefts, as well as to another account that was created on 7/29/16 and hosts four other domains. This second account was last logged into 3 days ago.

@Byron: The account that cic.ir is attached to was recently engaged in domain theft: http://www.helionet.org/index/topic/25461-suspended-indozona/ His domain quite likely got stolen.

No accounts with those or similar usernames or email addresses exist. How long ago was the account made? If its been abandoned for a long time, its quite likely that it was deleted for inactivity.

CGI should work fine, I'm assuming perl or Python? As for the whole-site backup, you cannot just upload it and expect it to restore on its own, however you can upload/restore files and databases yourself using the various files inside it. If you unpack the .tar.gz, there will be a homedir.tar that contains your files, and a mysql folder that contains dumps of your databases. There are also folders for things such as postgres databases and mail forwarder settings that might be useful.