wolstech

We turned off webmail on Tommy late last night. Thanks for letting us know that the performance has in fact improved Please let us know if you need any additional help.

Domain added. Please be sure to configure DNS, the domain may take up to 2 hours to work.

Are you sure the app isn't opening multiple connections at once? Some apps are designed to open multiple connections, and these will fail if they cause the limit to exceed 10. If there is a way to limit the number of connections your app opens in your code, I would suggest setting the limit to 1 and seeing if the issue persists. Krydos may have more information about this.

We're working on this still. For Tommy at least, the latest update is that there is a DDoS attack occurring against the Roundcube webmail service again. Bots keep hitting the Roundcube pages, causing it to run constantly and hog all the PHP slots. This results in 503s when there's none available for actual websites to run. The removal of webmail service is reportedly being tested and considered as a solution since prior efforts to block the bots have been unsuccessful.

Create a DNS record called www.mail in CF, type A, target 65.19.154.94. Leave the proxy disabled on it. Wait overnight and see if the certificate issues (you'll get an email saying it secured the domain if so).

We don't know what's causing this problem, but it affects everyone on Tommy and Johnny. It started a few weeks ago and we initially thought it was affecting only a few users and was related to a DDoS against our webmail service, but that doesn't seem to be the case as the issue is now widespread. Investigation into this issue is ongoing. Please see this News posting for more information and updates as they become available: https://helionet.org/index/topic/64305-503-errors/?do=getNewComment

If these are student accounts, do you have a school email address we can attach to your accounts so we can exempt them? We need one student email address per student account, so please find out which account belongs to which person and provide a list of whose email goes to whose account. Also, tecandsoft already has a replacement account on Tommy (tecandsoftsrv), so it cannot be unsuspended without suspending the new account. The policy is one account per human being, not one account per server.

Being part of the mail subdomain, I wouldn't recommend it. The certificate also likely won't issue with the proxy on because it won't be able to verify the domain.

For MySQL you actually do this yourself. It's in the database user properties in plesk, at the bottom.

It's because you don't have a DNS record for www.mail in your zone. Plesk just assumes every domain has a www version. Realistically, you're never going to use that address, but if you create an A record called www.mail and point to the same IP as mail, it should stop.

Krydos can do this for you.

This is going to be a Krydos question...

Users have a concurrent connection limit of 10 for mariadb, so this would be a reduction.

Yeah that's the impression we got too. It's not code or account specific. Many users are seeing them at random. Logging has been enabled on the servers to try and find the cause. As of now, we know that Tommy and Johnny are affected, but Morty isn't.

int(components["port"]) Considering the value mentioned looks to be a port number, you probably just need to set it somewhere...likely to 443. None (null) does not meaningfully coerce to int in Python (unlike some other languages such as PHP where (int) null = 0). Aside from just setting the variable to start with, your fix would be to use an if statement to check for components["port"] = None and set it to a number.

Yes it is. I've added it as an alias for you and reissued your certificate to include it. If you look in Plesk you'll see it as an alias and under the SSL settings you'll see that it's now secured. You'll need to wait another 2 hours for the new cert to take effect so its actually covered. The cloudflare proxy cannot pass IMAP or SMTP traffic, so any domain you enable that on will not work with a mail client. You can still receive mail at addresses on a proxied domain though (the MX record is what's used to deliver mail to a domain).

If you enable Node through Plesk and let Passenger handle it, the server should start it when needed and kill it when it has no traffic. This only works for apps that receive HTTP traffic though. Passenger launches the app when the traffic comes in, and kills it after a period of inactivity. If you start it manually with npm run start or similar, you have to contact support and ask for your processes to be killed. There is no way to kill a manually started node process, and as a result, our typical recommendation is to never start a node process manually. We do offer VPS service with full SSH root access if you want total control over the app: https://heliohost.org/vps/ Those start at $4/month and come as an empty linux VM. You'll need to install node and anything else you need.

I'll guess you didn't read the instructions for that test completely... By "real email", we mean an actual message you've sent someone, with a body and subject. You sent an empty email... -2.344 EMPTY_MESSAGE Message appears to have no textual parts and no Subject: text -1.767 MISSING_SUBJECT Missing Subject: header Add a subject to your message! -1.985 PYZOR_CHECK Similar message reported on Pyzor (https://www.pyzor.org) https://pyzor.readthedocs.io/en/latest/ Please test a real content, test Newsletters will always be flagged by Pyzor Adjust your message or request whitelisting (https://www.pyzor.org)

You're welcome. You can just reply here if you have additional concerns tomorrow

Can you please find out who the other account belongs to and have them contact us as well from the email address on their account? We just need to confirm there's 2 people here and both accounts can be kept.

That works. If it will only be used for personal use and not for bulk email, 100/day should be plenty. Limit increased. Note that multiple recipients on a message do count as their own email (for example, if I send one email to 4 friends about a party...that counts as 4 emails in our system, not 1).

It works because you installed a real publicly trusted cert instead of CF's origin cert. Whether it plays nicely for IMAP will depend on the client you use. If it's working, feel free to use it. It definitely doesn't work with all clients though, which is why we recommend using morty.heliohost.org. If you come across a client that won't connect using your domain as the server, this is the first thing to try. Once the certificate takes effect (about 90 minutes from now), you can try turning the CF proxy back on for the main domain record (giuliodinatale.it) and the www CNAME record, and testing with the security features you mentioned. They should work Be sure to leave the proxy off for the mail.giuliodinatale.it and ftp.giuliodinatale.it domains. CF does not support proxying mail and FTP services, so they will break if proxied. By the way, you exceeded your mail sending limit of 50 per day while testing and the server disabled your ability to send email. I went ahead and turned that back on for you. Please be mindful of the 50/day sending limit going forward. If you need more emails due to sending bulk messages, there are some questions you'll need to answer and we can have the limit increased.

Leave the name servers set to CF for now since you already have that set up. Turn off the cloudflare proxy for all records you have set in CF. This effectively just turns CF into a DNS server with no fancy features. Update the DNS records as above: Change the MX to morty.heliohost.org, and the SPF to the one I provided. Change the p=reject in the DMARC record to p=quarantine instead. In Plesk, reissue the certificates for your domain using the Lets Encrypt option. Since you have all required DNS records including webmail created, you can select all options except for wildcard certificate (which we don't support). Once it succeeds, wait 2 hours for the certificate to take effect, then clear your cache. After that, try connecting to morty.heliohost.org using a mail client (IMAP and SMTP). Use an email address you created on your account as the username, and the matching password. If it gives an authentication error, reset the mailbox's password and try again. If you get an error, please post the settings you used and the error message. When the emails come back, is there an error message? If so, please post it. Returned mail is usually an SPF/DMARC/DKIM issue.

Please check your PMs for information regarding your Lily account.

The IP not working for accessing your site is normal. It's a shared IP used by thousands of domains and relies on SNI (Server Name Indication) to determine what content to serve. I've added d2.mwl04155.top as an alias on your account. You'll need to configure the Cloudflare zone for that domain to point to the same IPs as the yriver.heliohost.us domain, then wait 2 hours and it should work.