wolstech

Thanks Krydos

So, something seems to have changed recently. Stevie randomly refuses to file_get_contents() its own files through HTTP. It returns an empty string. <?php $content = file_get_contents("http://si3.raxsoft.com/changelog.txt"); echo $content; ?> Code above can be run here: http://si3.raxsoft.com/debug_fgc.php It returns a blank page for me. However, when run on my local server, it retrieves and shows the changelog.txt just fine. It used to work since a bunch of stuff on my account has been doing it for years...Any ideas on this?

Yeah, I realized that after I posted it when I looked closer and realized it chopped most of the arguments off. Re-ran and post edited.

Stevie is blocked by Soundcloud: rax@rax.heliohost.org [~]# wget -O=sc.tmp "http://api.soundcloud.com/tracks?q=Adventure\&limit=5\&client_id=7fda73e4303db4146b1b2145944d3e1c" --2016-08-09 09:16:29-- http://api.soundcloud.com/tracks?q=Adventure&limit=5&client_id=7fda73e4303db4146b1b2145944d3e1c Resolving api.soundcloud.com... 72.21.91.127 Connecting to api.soundcloud.com|72.21.91.127|:80... It never connects, sits for several minutes then times out. On a local server of mine: root@acmine:~# wget -O=sc.tmp http://api.soundcloud.com/tracks?q=Adventure\&limit=5\&client_id=7fda73e4303db4146b1b2145944d3e1c --2016-08-09 12:21:01-- http://api.soundcloud.com/tracks?q=Adventure&limit=5&client_id=7fda73e4303db4146b1b2145944d3e1c Resolving api.soundcloud.com (api.soundcloud.com)... 72.21.91.127 Connecting to api.soundcloud.com (api.soundcloud.com)|72.21.91.127|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 9383 (9.2K) [application/json] Saving to: `=sc.tmp' 100%[===================================================================================================================>] 9,383 --.-K/s in 0.001s 2016-08-09 12:21:02 (7.76 MB/s) - `=sc.tmp' saved [9383/9383] root@acmine:~# Looks good. That sc.tmp contains a JSON result.

Usernames cannot be changed without deleting your account and signing up again. The domain can be changed though if you wish. You can use this script for that: http://www.heliohost.org/home/support/scripts/domain

Are you saying you share your account with others (which is also not allowed)?

Not often, though our new server Tommy will be up to date when it becomes available. Stevie has php 5.3.8 with MySQL 5.6.21 on it.

Reset, tested, and sent.

Unmarked as solved.

Unsuspended.

I can't get even an account on Tommy yet and I'm an admin, so probably not for a while. There will almost certainly be a beta period before we offer it to the public. We also have some other major improvements on the horizon (unrelated to the new server), which is another reason we're taking our time. We'll announce them when they're ready.

I can unsuspend the site for you, however we only give you one chance to fix spam. If we receive another complaint, you will be permanently suspended. Odds are the spam is being caused by malware on your site or a compromised email account. I would recommend deleting everything on your account, changing your passwords, then rebuilding your site using known-clean software. Note that many "free themes" and similar content from dubious websites, especially those made for WordPress and Joomla, have backdoors in them. Drupal is likely similar in this respect. Are you ready to fix your account?

You were suspended for spam. Below is the abuse report relating to your account. We have received a complaint about your account. Please investigate and fix within 24 hours. Hurricane Electric Abuse Department support@he.net From scomp@aol.net Sat Jul 30 14:28:06 2016 Return-Path: <scomp@aol.net> X-Original-To: report@abuse.he.net Delivered-To: report@abuse.he.net Received: from smr-a02.mx.aol.com (smr-a02e.mx.aol.com [204.29.186.244]) by abuse.he.net (Postfix) with ESMTPS id BF9085401DE for <report@abuse.he.net>; Sat, 30 Jul 2016 14:28:06 -0700 (PDT) Received: from scmp-d012.mail.aol.com (scmp-d012.mail.aol.com [172.29.189.81]) by smr-a02.mx.aol.com (AOL Mail Bouncer) with ESMTP id 2042E380008A for <report@abuse.he.net>; Sat, 30 Jul 2016 17:28:05 -0400 (EDT) Received: from scomp@aol.net by scmp-d012.mail.aol.com; Sat, 30 Jul 2016 17:28:00 EDT To: report@abuse.he.net From: scomp@aol.net Date: Sat, 30 Jul 2016 17:28:00 EDT Subject: Email Feedback Report for IP 65.19.143.2 MIME-Version: 1.0 Content-Type: multipart/report; report-type=feedback-report; boundary="boundary-1138-29572-2659438-15433" X-AOL-INRLY: stevie.heliohost.org [65.19.143.2] scmp-d012 X-Loop: scomp --boundary-1138-29572-2659438-15433 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit This is an email abuse report for an email message with the message-id of 579C235B.6F1B272C@lladnar.com received from IP address 65.19.143.2 on Sat, 30 Jul 2016 07:00:06 -0400 (EDT) For information, please review the top portion of the following page: http://postmaster.aol.com/Postmaster.FeedbackLoop.php For information about AOL E-mail guidelines, please see http://postmaster.aol.com/Postmaster.Guidelines.php If you would like to cancel or change the configuration for your FBL please use the tool located at: http://postmaster.aol.com/SupportRequest.FBL.php --boundary-1138-29572-2659438-15433 Content-Disposition: inline Content-Type: message/feedback-report Feedback-Type: abuse User-Agent: AOL SComp Version: 0.1 Received-Date: Sat, 30 Jul 2016 07:00:06 -0400 (EDT) Source-IP: 65.19.143.2 Reported-Domain: stevie.heliohost.org Redacted-Address: redacted Redacted-Address: redacted@ --boundary-1138-29572-2659438-15433 Content-Type: message/rfc822 Content-Disposition: inline Return-Path: <lladnar@lladnar.com> Received: from stevie.heliohost.org (stevie.heliohost.org [65.19.143.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mtaig-mcc02.mx.aol.com (Internet Inbound) with ESMTPS id A160C700000A2 for <redacted>; Sat, 30 Jul 2016 07:00:06 -0400 (EDT) Received: from [188.24.197.221] (port=39014 helo=[127.0.0.1]) by stevie.heliohost.org with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.82) (envelope-from <lladnar@lladnar.com>) id 1bTRoM-0005SV-6t; Sat, 30 Jul 2016 03:47:40 -0700 Message-ID: <579C235B.6F1B272C@lladnar.com> Date: Sat, 30 Jul 2016 03:47:41 -0700 From: "Little Miss" <lladnar@lladnar.com> Subject: Yo To: redacted@yahoo.com, redacted@gmail.com, redacted@gmail.com redacted@live.it, redacted@yahoo.com, redacted@aol.com redacted@gmail.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - stevie.heliohost.org X-AntiAbuse: Original Domain - aol.com X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - lladnar.com X-Get-Message-Sender-Via: stevie.heliohost.org: authenticated_id: lladnar@lladnar.com X-Source: X-Source-Args: X-Source-Dir: x-aol-global-disposition: G Authentication-Results: mx.aol.com; spf=none (aol.com: the domain lladnar.com appears to have no SPF Record.) smtp.mailfrom=lladnar.com; x-aol-sid: 3039ac1afd42579c88b619c2 X-AOL-IP: 65.19.143.2 X-AOL-SPF: domain : lladnar.com SPF : none 105lb college freaky girl lookin for a fling nothing else 1-570-919= -0385 is my num for pics if youre into nerdy girls --boundary-1138-29572-2659438-15433--

Did you use localhost as the histname? Did you create a user for the database and assign the user to it?

138.19.30.46 Stevie 2016-08-10 01:57:42 30 failed login attempts to account a****@*********.com (mail) -- Large number of attempts from this IP: 138.19.30.46 You're blocked, escalating.

What is your accounts username?

You're blocked by the firewall. Escalating.

Not sure why that account no longer exists...krydos might have more information. Escalating.

Phishing cannot be unsuspended. Period. Please create a new account.

That account is suspended for Phishing. For security reasons, phishing accounts cannot be unsuspended, backed up, or deleted. You will need to create a new account and restore any backup you may have. Please be aware that you will not be able to reuse any domains on your suspended account, and will need to pick a new username. We apologize for any inconvenience this may have caused.

If you've closed the program, the connections are closed. It's mostly just bad luck that you were on when whatever triggered this happened.

Firewall looks purely at number of open connections from an IP and blocks the ones with the largest numbers when it determines it's being attacked. It can't tell what you're doing, just that you're doing something. Not knowing regular use from abuse, normal users get blocked accidentally sometimes.

Escalating.

Unsuspended again. Please delete your cron job ASAP. If you have only one cron, it cannot be set to run more than twice a day.

This support request is being escalated to our root admin.