wolstech

It's been answered above (that was a 10 year old post, back in the day we were a lot more lax about things like this). Any forum posts from before 2021 might reference servers and configurations that no longer exist or are no longer supported (we switched platforms in July 2021). As for it being in Plesk, if it's available there, it's probably a default application that came with the system. The load restrictions are something we implemented, so Plesk has no idea the software won't actually run in our configuration. Plesk offers Wordpress too...which is also a leading cause of high load suspensions.

Those limits would cause your account to be suspended for high load within minutes (especially the memory, though the execution time could be a problem for CPU usage as well). If the application needs those sorts of limits, you'll need to buy a VPS instead.

Krydos is the one to speak to about this. Escalating.

We couldn't do that if we wanted to. The paypal fee would eat a $0.01 donation.

This is why you keep getting hacked. I just looked and you seem to have restored the same version of Joomla from August 2020 that has been hacked twice now, so plan to be hacked again in the next few days. Now that the site is restored, you need to immediately update Joomla and all extensions to the latest versions. If it can no longer be updated to a supported and secured version, you should discard the backup and start over entirely.

Did you rebuild the site completely after the last time this happened? Changing passwords doesn't fix these hacks after the fact, you have to rebuild the site or restore using a backup prior to it being hacked, then update all of the software (both the base software and the extensions). Remove any extensions you don't use. These hacks are usually a result of using outdated software or dubious extensions from random untrusted websites. It looks like you're using Joomla which does tend to be less prone to attacks (compared to WP) when kept updated.

Done. Might take 2 hours to start working.

Krydos can cancel this for you.

Added. Also, I enabled SSL on your domains since that wasn't set up for you.

It really depends on the WP configuration. WP in general is really heavy though. If you want to make the site available once the backup is done so you can put in maintenance mode, just edit the .htaccess file in your public_html folder and put a # in front of the deny from all line. Just make sure you watch your load at https://heliohost.org/dashboard/load/ to make sure it isn't too heavy.

You're suspended because your Wordpress site got hacked, caused high load, and ran the account out of disk space. WP is infamous for being hacked, which is a big reason that we hate WP around here and encourage everyone to avoid it. Those random named files are all malware: root@johnny [/home/ayur.heliohost.org/public_html/drroshan.pro.np]# ls about.php hgwixjzq.php iupjhnwi.php link.php picture_library robots.txt wp-blog-header.php wp-cron.php wp-mail.php backup_1 hxrdxlua.php jdijmahr.php makjiujz.php profile.php rzfnzfjl.php wp-comments-post.php wp-includes wp-settings.php cgi-bin images krqmk.php oiijygjj.php pvwpyaze.php tempfuns.php wp-config.php wp-links-opml.php wp-signup.php gmpozdrl.php index.php lainfdqr.php okjgycza.php readme.html wp-activate.php wp-config-sample.php wp-load.php wp-trackback.php guuzs.php inputs.php license.txt pggmmypo.php rmaou.php wp-admin wp-content wp-login.php xmlrpc.php The disk space was because your logs ballooned as a result of the hacker attacking the site (note the 693MB access_ssl_log.processed file and 30MB error_log): root@johnny [/home/ayur.heliohost.org/logs/drroshan.pro.np]# ls -l total 711960 -rw-r--r--. 2 root root 0 Jan 13 2023 access_log -rw-r--r--. 2 root root 515270 Nov 18 05:09 access_log.processed -rw-r--r--. 1 root root 1775 Nov 18 05:08 access_log.webstat -rw-r--r--. 2 root root 0 Nov 18 05:08 access_ssl_log -rw-r--r--. 2 root root 693029144 Nov 18 05:09 access_ssl_log.processed -rw-r--r--. 1 root root 157504 Nov 18 05:08 access_ssl_log.webstat -rw-r--r--. 2 root root 31731445 Nov 17 18:44 error_log -rw-r--r--. 2 root root 1152 Nov 18 13:07 proxy_access_log -rw-r--r--. 2 root root 51143 Nov 18 14:51 proxy_access_ssl_log -rw-r--r--. 2 root root 3523482 Nov 17 17:54 proxy_error_log This happened to another longtime user as well, also WP being hacked: https://helionet.org/index/topic/57625-solved-suspended-hh_rockygl1/ Krydos can back it up for you, then we can reset the account to remove the malware.

You asked this question here: https://helionet.org/index/topic/57644-i-have-purchased-a-domain-name-and-ive-donated-for-a-tommy-account-how-do-i-sign-in-and-activate-my-accountweb-site/ This section of the forum is not for support.

WordPress struggles to run here because of how poorly it's written, especially when plugins are used. Usually WP sites just cause load to the point you end up suspended, but sometimes the pages take long enough that the nginx gateway times out waiting for Apache, which means your WP install is so bloated from extensions that the pages can't even generate in 30 seconds. Start by removing all of your extensions and testing it. Vanilla tends to run decently. Then add them back one at a time. WooCommerce, WordFence, and Elementor are some extensions well known for causing load and performance issues, but there are plenty of others as well... The best solution is to replace WP with different software, but that may not be an option for you.

You received an email with a link to create the tommy account. It looks like you didn't complete the creation process and abandoned it about an hour and a half ago without entering a domain. Click the email link again and complete the registration. Enter the domain without the www. and make sure you specify its a custom domain. If you can't get it to work, you can just take one of our subdomains for now and we can add the domain you bought to the account once the account is set up. After that, you need to set the name servers of the domain to ns1.heliohost.org and ns2.heliohost.org (you do this at your domain registrar), and wait up to 2 hours for the site to be set up.

Someone resuspended you for the load because the deny from all had been commented out (Krydos had mentioned doing that when I asked about the Apache page, which is unusual for a deny from all...we think that's related to the fact you're a transfer account) Unsuspended and site blocked again. Please remove the WP site quickly.

There was maintenance to MySQL that would’ve caused this. That maintenance has completed.

That whole page is stale. Ricky no longer exists, tommy moved hostnames and ports, and cPanel isn't used any more...yeah someone should rewrite that. Thanks for pointing it out. Let us know if you need anything else

Space added. Thank you for the donation Limit is 6000MB / $25 now. That was changed a while back during the last fundraiser.

What domain needs to be removed?

Yep. The tommy.heliohost.org address was the old cPanel box that doesn't exist anymore, it's tommy2.heliohost.org for the Plesk box.

Escalating because I suspect there may be a larger issue with your domain still showing a default webpage instead of the 403 error I'd expect of that deny from all statement...

Not sure what's going on with this one. It's there and enabled, DNS looks fine, and I'm seeing a default webpage as well. Second account today to do this. Escalating.

Please check your email for a link to set up a fresh account. You can choose a new username as part of the process, and resetting an account automatically deletes all domains on the account.

Unsuspended. I've added "deny from all" to the htaccess in the public_html folder for you to disable the website. It may take up to 2 hours for everything to settle as the domains look to be pending an apache restart at the moment (currently returning default webpage).

The server you are currently on already supports both of these. Node can be set up from plesk, and python you just...use. There is no control panel for Python. https://wiki.helionet.org/tutorials/node.js I'll have to dig around for Python instructions, the wiki has an outdated tutorial for our old cpanel servers still.