wolstech

Please check the email address associated with your account for a link to change your password.

Please check the email address associated with your account for a link to change your password.

The backups were lost in the hack and are no longer available.

We can't change the domain while the server is down. We'll do this later once Tommy is working again.

Yep. The TL;DR is the host hardware for the server you're on got hacked and now has ransomware...we're in the process of recovering it and moving Tommy to another box for the time being, but don't know when it'll be done. If you'd like to delete the Tommy account and get an invite for Johnny (which is up), let us know and we would be glad to do that. Since you donated you can always ask to go back to Tommy later if you wish once it's fixed.

It's an internal server component, I believe it's used for hosting nodejs (?) (might be django/flask but Python is just plain CGI to my knowledge...) I have no idea why a Wordpress site would experience this error considering WP is written in PHP, but the error seems to have gone away regardless. I see a WP site that's in maintenance mode.

You're on Tommy. Please see the News section: https://helionet.org/index/topic/54956-eddie-server-hacked/ No ETA on when it will be fixed, but last I heard getting Tommy running again was the top priority for Krydos.

Yes, the server that Tommy was running on got hacked. https://helionet.org/index/topic/54956-eddie-server-hacked/

Ricky is not currently not available as it has not been rebuilt with Plesk yet. Tommy is currently full due to lack of resources on the server (and being down at the moment, but we hope to have that fixed in the next few days). If you're going to create another account, it's going to have to be on Johnny again.

@allyn51 Considering this is still down, would you prefer a Johnny account for the time being so you can get started? I can delete your broken Tommy account and send an invite for Johnny so you can get started right away. Johnny is up, accepting new accounts, and (when it was up) faster than Tommy due to capacity. We can always send you a Tommy invite later if you want to move over since you donated.

Congrats Kairion!

That account cannot be renewed at the moment because Tommy is down. https://helionet.org/index/topic/54956-eddie-server-hacked/

The SPFs look fine. I'm not sure if or how hesita supplies webmail access, so can't really answer that one. You could always set up a subdomain and install your own though. Round cube is free to download. I'd remove the DKIM value entirely. The value probably came from Plesk (it gives you one to use when you set DKIM up), but will be wrong for mail being sent from your VPS. Gmail is very sensitive about spam, and while it should still deliver since the SPF is valid, you never really know with Gmail. (If mail fails both DKIM and spf, Gmail won't even deliver it to spam...it just discards it and sends a message back to the sender).

Silly question, but do you actually have a mail server installed (and the appropriate mailboxes set up on it)? As for webmail, is the web server set up for a webmail subdomain? I get a 500 error, so either its set up and broken, or it's not set up.

Website should be fixed and no longer be showing those errors as of about 6 hours ago, but since you're on Tommy you still won't be able to log in yet. That server is currently in the middle of being recovered, we're hoping for that to finish sometime today. Users with a Johnny account should be able to log in though.

We'd need to know the username of the old account to find it. His forum username doesn't find anything.

We haven't started on Tommy yet, Krydos is waiting for Cody's hard disk to back up / recover from the hacked server. Cody manages all the user accounts, and is the reason our website is showing all those error messages. It also contains that name server that's down. Last I heard that was 36% complete about an hour ago, but we have no idea if it's even going to boot once the backup finishes. Others online who were hit by the same attack are mostly reporting that the data is fine when they recovered their servers, so we're hoping it'll just work. So far, what I've seen makes me think the cybercriminals were either lazy and hoping people would just pay up without digging into what they did, or perhaps incompetent at ESX exploitation and ransomware usage.

Yeah, Eddie being down means new accounts can't be created. We're in the process of trying to recover Cody (the virtual machine that handles account management), and if it boots successfully once the recovery is finished, new accounts and website logins for Johnny should work again. Also, keep in mind the link in our emails expires after a week if the process isn't completed. For free signups, you can just sign up again if the link expires.

FTP for the files, PHPMyAdmin for MySQL, and it has no DNS server or mail server (it uses the normal HH DNS cluster on Cody/Brody and the mail is sent through Tommy).

Currently it has no control panel at all. It's using a bunch of custom scripts for admin, but there's no user interface. Users just get FTP access for their projects. Lily accounts as they currently stand require you to also have an account on a Plesk box.

Our website and all accounts on both of the Tommy's are unavailable due to a developing incident. If you were on Johnny, you can still use your account by logging in at https://johnny.heliohost.org/ More details will be announced when available.

We can't resend this at the moment due to a developing server incident. You may end up with a Johnny invite for this anyway...

Krydos would know all the details, but one of the big reasons is because unlike those other panels, Plesk also runs on Windows, which means Lily can eventually get Plesk as well.

I'm guessing the server was already trying to fix that in the background and had the database locked at the time you tried. I just went to check on it myself and the webmail is showing as secured already, so it looks like you're good to go

Krydos can check your VPS, unneeded components can typically just be uninstalled. Keep in mind that if it does need to be rebuilt, you only get one free rebuild per month (I think additional rebuilds in the same month are $1 each but don't quote me on the price).