Jump to content


  • Content count

  • Joined

  • Last visited

Community Reputation

10 Good

About TheHackRepairGuy

  • Rank

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Question. Is this fixed in 7.7.1: Troubleshooting PayPal Subscription payments not being applied correctly
  2. Since upgrading to the latest version and switching to Invisible reCAPTCHA the bogus account signups have only gotten worst. I've switched back to v2 Checkbox to see if that makes a difference. It's just apparent that WHMCS has had a backdoor for signups that bypasses the CAPTCHA entirely for some years now. Am I the only one still experiencing this maddening situation where I wake up each day and find dozens of bogus European new account signups? And to make matters worse, I don't see a mass delete option on the View/Search Clients page. That seems a bit nutty to me that no one has thought of including an option to select and delete multiple accounts...
  3. TheHackRepairGuy

    Two factor Authentication?

    The hosting industry has learned the hard way (for some) that SSL certificates are "necessary" and must be free to improve the overall Internet among other reasons. It would appear that WHMCS's holding on to charging for two-factor authentication follows the same wrong thinking. You folks at WHMCS need to take on the mantle of security and give everyone open access to two-factor authentication "now". This hold out to make a few bucks on security is frankly sickening. We need to give everyone as secure an experience as possible hosting wise. And I do believe that WHMCS forcing people to charge for login authentication, like SSL, is simply thinking too small. I know you guys are better than this. Sure make your few dollars on the duo thing. No one begrudges you on making a few bucks on more features. But seriously, let's get out of the stone ages and think 2020 security. Give our customers open access to secure their accounts out-of-the box, without having to jump through hoops or "pay a toll" to be secure. It's simply the right thing to do. What say you?
  4. TheHackRepairGuy

    Security Plus+ for WHMCS

    Well worth the cost and the developer is "extremely" reponsive (over the course of years). Can't imagine anyone doing real business using WHMCS without this app.
  5. It's really more annoying than anything currently. Since new customer signups are not auto provisioned order wise, I'm not losing any money. But my real fear is that hackers are creating bogus accounts such that one day when WHMCS is hacked (just a matter of time) and hackers have live accounts on a site, they will have potentially thousands of accounts at different hosts ready for action and exploitation. The email verification addons I'm seeing do look like they'll cut down on a lot of bogus signups. HTB Email Verification and Security Plus+ appear to be the most full featured in this regard.
  6. Just creating accounts. Then orders placed from hosting company IP's (php scripts on hacked accounts apparently). And my create account form does use the default: Spam Bot Verification Please enter the characters you see in the image below into the text box provided. This is required to prevent automated submissions.
  7. Is anyone else experiencing or seeing an increase in bogus account creations this past month? I'm see a distributed account creation botnet or network of sites creating bogus WHMCS signups, with seemingly legitimate information. I can tell these are bogus due to the IP's using web hosting servers at other web host IP's, AWS cloud, etc. (and not ISP / web browser connections). Any thoughts regarding this?
  8. Did anyone get their hook to setup to work, or can post an example here?
  9. I know it's not that hard to do but I'm looking for someone to help code my invoice template to get rid of the damn extra lines ("all" configurable options). WHMCS forces me in include "all" the Configurable Option in the email invoice for some crazy reason, like: Option: Add Bulk Space 1gb, $1.95/mo.: 0 x +1gb space Option: Add Bandwidth 1gb, $0.49/mo.: 0 x +1gb bandwidth Etc. I want that junk gone, as it only confused the heck out of people (come on WHMCS- what the heck!). Who can offer some help on this one? Thanks, Jim
  10. TheHackRepairGuy

    OATH Two Factor Authentication

    As far as I can tell this is not ready for prime time. - Not automatically available to clients even after checking box - No way for client in their "My Account" to enable or disable two-factor Client login does not work at least in my installation.
  11. Hi folks, Ok, so I've been playing around with a number of Addons. Problem with most is that they use index.php as their base (instead of clientarea). Only problem, and I have to believe this is pretty common, is that my index.php, which leads off to header.php, is quite "heavy." So there is a statement in header.tpl which we all love dearly: {if $filename eq "index"} Everything above this line is included on all pages (standard header, menu, et al), and everything below is the home page body. So there lies the problem. In an Addon like the excellent jetserver.net's CSF, which utilizes this statement to "include" the content for CSF: example.com/index.php?m=csfmanager you can envision the obvious problem. Since index.php is called, and index.php simply sucks in the contents of header.tpl, and that statement: {if $filename eq "index"} essentially includes much of the home page content as well, you then get this bloated page, with lots of unnecessary stuff meant only for the "home page" Thinking creatively: I'm wondering if it might be possible to set up an index2 with it's own header2.tpl script associated with it, etc. How is every one else handling is rather messy setup?
  12. Anything become of this one, or anyone work out a fix for this? Seriously, would you expect to buy a computer at Best Buy and walk out with a receipt for every part in the store that will connect to the computer?

Important Information

By using this site, you agree to our Terms of Use & Guidelines