
SinOjos

  1. The real fault lies with whmcs, for not utilizing hosting that is secure. Since whmcs is a billing system, a highly attractive target, they should be running their system from a banking compliant hosting provider, which means restricted access locked room for the servers, as well as additional security limiting online access. 97-99% of stolen company data is done from the inside. That includes direct employees and any contractor employees, which in this case means hostgator. It is clear that whmcs needs to start handling its business with security that is required by credit card transaction regulations. Until that level of security is implemented by whmcs for its own servers, every user of whmcs is at risk. As not only could the whmcs servers harbor a data post grabber or database dump capability to a remote location, but code could be injected into the whmcs download itself to get credit card data from every company that uses whmcs. With the potential of hundreds of millions of dollars to be had, strict security needs to be adhered to by whmcs, as human nature is generally the weakest link, whether it be a disgruntled employee or someone willing to make some money. The lowest paid and least educated employees are generally support personnel, yet they are the ones with the ability to access any system at a hosting company. The incentive of earning thousands or hundreds of thousands or millions of dollars is simply too great to allow average support personnel access to servers that hold or process credit card transactions. This is nothing new, old news and old knowledge, but apparently whmcs is not security minded, hell they cannot even verify their own customers from within their own system, the internal ticketing system is not secure, that is by their own admission. Whmcs needs to go back to the grindstone and implement better security procedures for its own servers and clear up the security flaw in the ticket system.
They may be able to ask for login details to verify their customers, but many users of whmcs do not sell products that allow such a method to be used to verify the customer. So how does a user of whmcs verify a client if the tickets in the ticket system cannot be trusted?
  2. If the only way that whmcs can verify an account is by logging in to the customer's install, then what do the companies that use whmcs for their billing do? Not all products sold allow that kind of ability, so how does a whmcs user verify their customers if the internal ticket system cannot be trusted? This is a serious problem that needs to be addressed.
  3. Matt, the below is quoted from a reply from Lawrence via your ticket system. "we accept tickets via e-mail and, while unlikely, it is possible that a malicious user could spoof your e-mail address". That specifically states that your ticket handling method is not secure.
  4. They have persisted in five replies that the only way to confirm my account is for them to log in to my whmcs admin installation. If they are not smart enough to figure out a better way to confirm an account, I do not think whmcs is for me. By their own admission their internal ticket system is not secure. That alone kills it for me, as how could I ever trust a support ticket in the system. If someone can inject support tickets without being logged into an account, then nothing could ever be trusted within the system. They need to re-think security, as whmcs is not secure by their own admission.
  5. I have replied a couple of times and they still persist in wanting to log in to my admin section of my whmcs installation. Apparently nothing is secure with whmcs, if they cannot trust a logged in customer using their internal ticket system, then I will not be able to as well. That is a serious security problem. Going to start looking at other billing systems. If the internal ticket system cannot be trusted, then nothing can be trusted. Apparently whmcs does not comply with security standards, as evidenced by the recent break-ins, not a good idea to use a system that is dangerous to your customers.
  6. I just requested an email change and they want me to send them an admin login to my whmcs installation. I have replied that I will not do that. They also said that their ticket system is not secure, as I could be spoofing and I may not be who I claim to be. It looks to me that whmcs needs to address security further. As apparently they do not trust someone who is logged in and using their internal ticket system. Very suspect when they want my admin login to my whmcs installation. Anyone else getting weird replies from support wanting your login information?