wolstech

This is why you keep getting hacked. I just looked and you seem to have restored the same version of Joomla from August 2020 that has been hacked twice now, so plan to be hacked again in the next few days. Now that the site is restored, you need to immediately update Joomla and all extensions to the latest versions. If it can no longer be updated to a supported and secured version, you should discard the backup and start over entirely.

Did you rebuild the site completely after the last time this happened? Changing passwords doesn't fix these hacks after the fact, you have to rebuild the site or restore using a backup prior to it being hacked, then update all of the software (both the base software and the extensions). Remove any extensions you don't use. These hacks are usually a result of using outdated software or dubious extensions from random untrusted websites. It looks like you're using Joomla which does tend to be less prone to attacks (compared to WP) when kept updated.

Done. Might take 2 hours to start working.

Krydos can cancel this for you.

Added. Also, I enabled SSL on your domains since that wasn't set up for you.

It really depends on the WP configuration. WP in general is really heavy though. If you want to make the site available once the backup is done so you can put in maintenance mode, just edit the .htaccess file in your public_html folder and put a # in front of the deny from all line. Just make sure you watch your load at https://heliohost.org/dashboard/load/ to make sure it isn't too heavy.

You're suspended because your Wordpress site got hacked, caused high load, and ran the account out of disk space. WP is infamous for being hacked, which is a big reason that we hate WP around here and encourage everyone to avoid it. Those random named files are all malware: root@johnny [/home/ayur.heliohost.org/public_html/drroshan.pro.np]# ls about.php hgwixjzq.php iupjhnwi.php link.php picture_library robots.txt wp-blog-header.php wp-cron.php wp-mail.php backup_1 hxrdxlua.php jdijmahr.php makjiujz.php profile.php rzfnzfjl.php wp-comments-post.php wp-includes wp-settings.php cgi-bin images krqmk.php oiijygjj.php pvwpyaze.php tempfuns.php wp-config.php wp-links-opml.php wp-signup.php gmpozdrl.php index.php lainfdqr.php okjgycza.php readme.html wp-activate.php wp-config-sample.php wp-load.php wp-trackback.php guuzs.php inputs.php license.txt pggmmypo.php rmaou.php wp-admin wp-content wp-login.php xmlrpc.php The disk space was because your logs ballooned as a result of the hacker attacking the site (note the 693MB access_ssl_log.processed file and 30MB error_log): root@johnny [/home/ayur.heliohost.org/logs/drroshan.pro.np]# ls -l total 711960 -rw-r--r--. 2 root root 0 Jan 13 2023 access_log -rw-r--r--. 2 root root 515270 Nov 18 05:09 access_log.processed -rw-r--r--. 1 root root 1775 Nov 18 05:08 access_log.webstat -rw-r--r--. 2 root root 0 Nov 18 05:08 access_ssl_log -rw-r--r--. 2 root root 693029144 Nov 18 05:09 access_ssl_log.processed -rw-r--r--. 1 root root 157504 Nov 18 05:08 access_ssl_log.webstat -rw-r--r--. 2 root root 31731445 Nov 17 18:44 error_log -rw-r--r--. 2 root root 1152 Nov 18 13:07 proxy_access_log -rw-r--r--. 2 root root 51143 Nov 18 14:51 proxy_access_ssl_log -rw-r--r--. 2 root root 3523482 Nov 17 17:54 proxy_error_log This happened to another longtime user as well, also WP being hacked: https://helionet.org/index/topic/57625-solved-suspended-hh_rockygl1/ Krydos can back it up for you, then we can reset the account to remove the malware.

You asked this question here: https://helionet.org/index/topic/57644-i-have-purchased-a-domain-name-and-ive-donated-for-a-tommy-account-how-do-i-sign-in-and-activate-my-accountweb-site/ This section of the forum is not for support.

WordPress struggles to run here because of how poorly it's written, especially when plugins are used. Usually WP sites just cause load to the point you end up suspended, but sometimes the pages take long enough that the nginx gateway times out waiting for Apache, which means your WP install is so bloated from extensions that the pages can't even generate in 30 seconds. Start by removing all of your extensions and testing it. Vanilla tends to run decently. Then add them back one at a time. WooCommerce, WordFence, and Elementor are some extensions well known for causing load and performance issues, but there are plenty of others as well... The best solution is to replace WP with different software, but that may not be an option for you.

You received an email with a link to create the tommy account. It looks like you didn't complete the creation process and abandoned it about an hour and a half ago without entering a domain. Click the email link again and complete the registration. Enter the domain without the www. and make sure you specify its a custom domain. If you can't get it to work, you can just take one of our subdomains for now and we can add the domain you bought to the account once the account is set up. After that, you need to set the name servers of the domain to ns1.heliohost.org and ns2.heliohost.org (you do this at your domain registrar), and wait up to 2 hours for the site to be set up.

Someone resuspended you for the load because the deny from all had been commented out (Krydos had mentioned doing that when I asked about the Apache page, which is unusual for a deny from all...we think that's related to the fact you're a transfer account) Unsuspended and site blocked again. Please remove the WP site quickly.

There was maintenance to MySQL that would’ve caused this. That maintenance has completed.

That whole page is stale. Ricky no longer exists, tommy moved hostnames and ports, and cPanel isn't used any more...yeah someone should rewrite that. Thanks for pointing it out. Let us know if you need anything else

Space added. Thank you for the donation Limit is 6000MB / $25 now. That was changed a while back during the last fundraiser.

What domain needs to be removed?

Yep. The tommy.heliohost.org address was the old cPanel box that doesn't exist anymore, it's tommy2.heliohost.org for the Plesk box.

Escalating because I suspect there may be a larger issue with your domain still showing a default webpage instead of the 403 error I'd expect of that deny from all statement...

Not sure what's going on with this one. It's there and enabled, DNS looks fine, and I'm seeing a default webpage as well. Second account today to do this. Escalating.

Please check your email for a link to set up a fresh account. You can choose a new username as part of the process, and resetting an account automatically deletes all domains on the account.

Unsuspended. I've added "deny from all" to the htaccess in the public_html folder for you to disable the website. It may take up to 2 hours for everything to settle as the domains look to be pending an apache restart at the moment (currently returning default webpage).

The server you are currently on already supports both of these. Node can be set up from plesk, and python you just...use. There is no control panel for Python. https://wiki.helionet.org/tutorials/node.js I'll have to dig around for Python instructions, the wiki has an outdated tutorial for our old cpanel servers still.

If you're suspended, you can't log in, and any attempt to do so won't count. If you remain suspended for 30 (might be 60?) days, your account and its content is permanently deleted. If you aren't ready to fix it, the best course of action would be to unsuspend it but block the website with .htaccess so it can't be accessed and won't cause load. That way you can still log in to keep the account alive. Do you want me to do that? As for caching, if you're using WP and have dynamic content, caching will help a lot less than if the site is mostly static pages. You can't cache dynamic content since it has to run on every page load in order for it to be current.

Please check your email for a link to reset your password.

Removed. Please let us know if you need anything else

I already answered this in your original post. You're suspended for having more than one account. https://helionet.org/index/topic/57593-solved-me-suspendieron-por-error/ You have 5 accounts.