Jump to content


Level 2 Member
  • Content count

  • Joined

  • Last visited

  • Days Won


yggdrasil last won the day on September 27

yggdrasil had the most liked content!

Community Reputation

38 Excellent

About yggdrasil

  • Rank
    Level 2 Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Just a quick reminder to everyone that PHP 5.6.x is EOL at the end of this year. It means no more security fixes and updates starting on January 1, 2019. If you still didn't upgrade to PHP 7, I think this is a good time to plan ahead before the end of the year. Otherwise don't be surprised if your site is compromised next year once a new exploit on 5.6.x is discovered. I think its important to make this reminder as more than 60% of websites are still running on this PHP version.
  2. yggdrasil

    Logged as Admin locale bug?

    That is just horrible and very unprofessional. What point is there in having WHMCS in all locales if the rest of your sales pages and help docs are not? Neither is customer support, billing, etc. And this is exactly what I did. I only have all locales in my dev/testing installation. I removed all languages files I don't use or support and this is also why I don't use the auto updater and never will. Because the updater will never be aware of all the things I did, removed, added or changed. I don't want the auto updater feature, its just asking for troubles overwritten things. But we don't really have a choice do we? Its not that I can decide to keep using v5 or v6 because WHMCS will not support it anymore with security fixes and since the code is not open you cannot patch or maintain it. We are forced to upgrade to each new release and personally I think they are deprecating old versions way to fast for the type of market they sell (business or entrepreneurs looking to start a new business). They should learn something from long term support like Microsoft or Red Hat. I don't say they should support their software for 10-15 years, but come on. 1 year is not enough, in particular when they take longer to fix some bugs. I was forced to upgrade WHMCS, otherwise I would still be on v6. That makes zero sense. I just received an email from Modules Garden 10 minutes ago in which they say they are dropping the pricing for their open code licenses as they see how popular they are getting. This makes absolutely sense in a world that is more developer friendly. I also asked another big company in the US why their WHMCS module its encoded and they said, "Yes, it was a controversial decision and we discussed this internally, probably not going to encode in the future but if you want I can give you the non encoded version." (I asked if I could get that after a NDA agreement and their answer was that). That company is exactly the sort of company I want to work with. The reason this makes no sense from WHMCS developers is because someone that modifies the code knows what he/she is doing. Someone that is not a developer will not dare to change something and have hell break lose. Also, its stupidity to say this will lead to more support for WHMCS (which I suspect is their reason). Don't they know they can do a simple MD5 checksum on files and then just not support someone if they modified those files? Problem solved. Newbies that modify the code and break something, no support. For those that do, in most cases they also have a development installation. If I was WHMCS I would just start to work with partners and resellers again if they want to get rid of heavy support costs. Sell licenses, let others do the post sales. Again, this will lead to a bigger WHMCS ecosystem as other companies can also profit by giving consulting, developing or WHMCS support. Anyone that modifies code or is a developer will has dev license which is free with WHMCS. And the first thing a developer will do is test a clean install to try to replicate the issues, if its not there, she/he is aware its something on his custom code. I can't possible believe this leads to WHMCS support reduction (encoding). To the contrary. I would had never open a ticket if I could solve things on my own except for very basic questions which a level 1 staff can answer by just providing canned replies to links from the docs. In either case it will lead to massive drop in support requests for several reasons (the tickets that WHMCS support can't solve in the first place...!!!). Advanced users will not open tickets for hidden code related problems and the newbies will get help here from developers here. This community and the software will boom like a new plant because since everyone can see the changes, it means everyone can help everyone else as well. Maybe even have a monetary incentive here in the forums for the ones that help others the most. And sure, they can keep the license core encoded. I don't ask fully non encoding and I have nothing against IonCube either except when its abused by developers, its not suppose to be made to encoded everything just the critical files. I just ask for the rest of the stuff to be "modifiable". Seem to much to ask for a software you are paying? Even the gaming industry is heavily moving to DRM free games. Why? It causes way more issues than problem it solves. Its anti consumer and does not really stop piracy. If anything, people that pay WHMCS do it for a lot of reasons than just the files. Updates for one and the ecosystem of third party add-ons. Why would anyone not pay modules garden or WHMCS a small fee to get yearly updates and support just in case they need to ask something? Even in India, where developers charge like a few bucks the hour, that is still more expensive with a few changes than a yearly fee. I know third world countries and trust me, something like $99 a year is not breaking the bank for anyone that actually uses WHMCS for business and not hobby. Anyone that does business will never have a problem paying fee that is affordable. And those companies that have developers modifying the code. Common, if they are already paying hundreds of dollars or thousands to modify a specific code, they will also have no problem paying a small update fee. It also leads to bigger brands and companies adopting WHMCS. Those big brands are the best sales persons in the world doing work for free for WHMCS, as newbies say, "what is XX company using?", WHMCS. Wow, then I will use that as their modifications and platform is great and it means I can do that in the future as well. If they can, I can. They just follow the pack! And look cPanel? Does someone decides not to pay their license and pirate them because the code is open? Of course not. And look Plesk, gazillion more features but everyone is still on cPanel. Why? Its open, its very customizable and developer friendly, and has a huge ecosystem of third party integrations. Plesk is encoded and they charge for every single extra or addon. Result? cPanel is the world leader, Plesk will never be. If you want to create an ecosystem around your product you need to give in order to receive. More installations means more developers interested (as it means more money), open means more developers and more installations. It's a circle. One developer I talked said he was not interested on doing WHMCS modules anymore as he sold almost nothing vs something like Shopify, those customers paid more and he sold way more quantities. You see the problem? Even developers are not really that interested on WHMCS anymore, its harder to customize and it seems their market is shrinking in terms of active installations. And you need people making money with their sites using WHMCS in order to be able to afford those third party modules. 15 years old launching their summer hosting company with WHMCS will not cut it. They need active installations in the long run, that means business and people that actually make money for a living. And those people will never really be interested on WHMCS with the current state of other options available, not to even mention open source software. And bigger companies? They care little about budget software or price but flexibility, something WHMCS is opposed as a company. They try to be as inflexible as possible with everything. Very low at this point. It would not surprise me if WHMCS is selling less than they ever did in their history. Price increases in the past and the limiting licenses by number of active accounts tells me they required more money from a less number of installations. Not to mention the changing from owned licenses to just lease. This is what companies do when income starts to drop, milk existing users. It never ends well unless new blood is coming...Of course I forgot. The market thing!!! That also means they are looking for new business income. What does this tell you? Finances are not looking great. Let me guess. Drop in sales and active customers. I'm almost entirely sure of that today with some things they are doing. They are reacting in an aggressive way towards a market that is changing. Existing customers suffer. Technology companies like WHMCS that don't adapt to quick changes die. In the past every hosting company that offered a reseller service had WHMCS as bundle. Today most don't. I assume that means a huge drop in licenses. And then you have all the big cloud vendors that are destroying small hosting companies left and right. Even less market. And then you have WHMCS that focuses all their developing efforts on commodity products like domains or certificates...Seriously, who buys WHMCS to just sell domains or certificates? You would need to sell hundreds per day just to be profitable or even compete vs more established companies. There is no money in an industry in which domains make cents of profit/year and certificates are free. Most people that moved out of WHMCS did because they never focused on VPS, cloud or servers (this was already 3-4 years back...). They still don't have hourly metered and doing dedicated servers with WHMCS is a joke. Not a single way to configure things (no field logic) and while you can do hourly or metered billing with hooks and the API, it requires to build your own modules around WHMCS. And then WHMCS makes the amazing decision to remove things from open files and encode even more stuff !!! Hostile towards their power users and developers. Just look this community? I remember WHMCS forums in the past years (I always landed on their forums searching things, while I was not a customer yet), it had like thousands of people visiting and hundreds active at any point of the day. Just look the participation rates now. Its what? 5 or 10 active people? The rest come and go. I think WHMCS will have to seriously start to accept some of the things I and others says or they will have a very rough time ahead. cPanel is not going to save them either, unless they change as a company, we can only hope they sell the company off and the new owners makes the required changes to turn the company into a very profitable business again. Its that or their competition will just keep gaining more and more traction. And by competition I mean every other software that lets you sell online, including services. WHMCS is not unique to services anymore. The people that do make money with other stuff, like selling software, or intangible things, or other sort of IT services & cloud products are not using WHMCS anymore. I know a lot of other companies some small, some very big brands, that used WHMCS and they don't anymore. That should tell you something. Some run custom things now, some moved to other products. But almost all of them agree with one thing. The company is very closed to feedback and suggestion (hard to work with), bugs are an issue and they can't modify WHMCS to fit their business, eventually they hit a road block, everyone that grows to a certain point will find WHMCS not workable anymore. (let me guess...encoding...) so they move to open source in most cases or a product that can be modified and adapted to their business. At that point pricing is not a problem for them anymore. The road block is causing them more loss of revenue.
  3. yggdrasil

    Replacing 2checkout?

    Romanians purchased 2CO? 2CO was a train wreck already when it was American. I would never use them again ever. Their support was already awful and their system horrible, no wonder they sold. I would advise looking all the payment gateways supported with WHMCS and just pick one of those listed companies.
  4. yggdrasil

    Price setting issue

    Did you tried to disable the other fields with -1.00?
  5. yggdrasil

    Logged as Admin locale bug?

    I can completely understand if some people want this, for example passing the admin language to the link in case they don't understand the locale of the current customer but in my case I do, so I think I will remove what you pointed out. I prefer just to see the language the customer has set on his account. I might have to test the other things you mentioned. I'm very sure that just logging in as admin does not change the customer account locale in my case. I tested this multiple times, I always see it on English (my setting) but then go back to the customer profile after logging out to check the locale (because I'm aware of the bug that flips it). Its when I click something on the account the locale switches. I might have hard coded the lang parameters in some URL's in the site for each language, so that could also be the cause for my setup but I will definitely change this behavior back to v6, v5 and before. I don't want to pass the language parameter on the admin login link. This could also explain why I didn't saw this occurring before but after I upgraded. Personally, I don't like this new behavior. If the customer has his profile in French, I want to see it in French because the text might be different as well other content specific to that locale. Same if its Italian or just any language. The point is that in order to replicate or help a customer I need to see exactly what he/she does, even if I don't understand the language but then again its very likely this is not the case with any company either. If someone provides a locale in WHMCS its very likely that person or organization has a staff that also speaks the particular language (for support tickets and other things) so that person might be the one assigned to that case, or like in my situation, I speak all the languages I offer for customers. No reason to offer the site and service in something I don't understand and can't properly support. If this is encoded, I guess WHMCS screwed us again. Because this is causing me problems and no way to change this back if its encoded. I now realize that 99% of my WHMCS problems are with their encoding and the constant changes they make (to the worse...). They keep changing behaviors from previous versions assuming this is the best approach without testing anything and without realizing if something was working for years in one way and nobody complained why change it...If this can't be fixed, the Login as Client in WHMCS will be basically another dead feature for me that I can't use anymore as it causes more issues than what it solves. And even if they fix stuff in the future, I trained myself mentally to never use some things anymore. If you raise a ticket they will say its not a bug but its an intentional feature 🤮. This is what I find misleading about WHMCS in terms of new versions. The way it worked before can be considered a bug for those that want to pass the language but the new behavior can be a bug for those that don't want it this way. So basically what WHMCS does is removing one way of doing stuff for another. If this was indeed a new feature, they would offer it as a new option without removing the previous method. Just like with their new SEO URL which screwed me in a big way and still cannot fix some stuff. I ended up making hooks and PHP code everywhere to detect URL's and try to fix what WHMCS broke. A feature is if I as a WHMCS customer can select the new behavior on my installation, it has to be optional, free will to use it or not use it. Its not a feature if they remove how something worked in the past and decide to force the new method on everyone else. WHMCS developers should listen to this, OPTIONS, OPTIONS, OPTIONS. Instead of removing and replacing code, just add check boxes with options on the admin side so people can select one or another method for how some things work. I know, its complex to have the same software working in different ways, but if you are not going to add yes and no options for stuff, then you are royalty screwing people because since most stuff is encoded we cannot change things even if we want. If they don't want to put options in place for settings, they should seriously not encode this stuff. And they are driving customers away, the more features you stop using with WHMCS over the years, the less you rely on the software. This is the way to lose loyal customers. I find it surprising that most WHMCS users here on the forums are always new to WHMCS. They then vanish after a few months. This tells me WHMCS is just profiting from temporary customers, not long term customers.
  6. I have noticed something with WHMCS which I'm not sure was true in the past. If you log in as a customer from the admin side, it logs in me into that account and I see everything in English. I'm not sure if that is because English is the default in my case or its just using the language set in my admin account, either way that is fine, except that if I make an action in the customer account, for example change a setting like change the payment method on an invoice, it flips the locale for that account to English. This is very annoying because now I'm afraid to even log into a customer account to see what they see and click anywhere (which I need to do to replicate some issues when they report them). I noticed this because those customers now get the invoices and emails in English, and in their profile the language is switched to English. It would be nice if there was a way to set WHMCS to not change the locale on the account if logged as staff/admin, that means even if I manually hit the language selection while logged as the customer or make any action in what ever language. This would allow me to see the account in the customer language or just plain English but not actually change anything on his profile regarding his locale preference. To resume, the profile locale should not be changed when logged as admin, even if you do change the language on the public site. The customer has set the language for a reason, and its just wrong to flip that by mistake as now the emails and even invoices in another language.
  7. It’s not unlimited, it’s called unmetered. If you have 1 Gbit/s link, then you can’t offer unlimited bandwidth. Just like you said, it’s to lure people to hire you, but do you state in the offer the speed is limited? Speed limit = Limited amount of transfer per month = Not unlimited. If your company has a 1 Gbit link you can’t push more than 320 TB a month in total. So not really unlimited is it? Your offer is dishonest as someone without knowledge will understand that he can push unlimited transfer per month which is not really the case. And I’m sure you put unlimited everywhere without trying to explain the real limits… In my book that is just trying to get money from people that don’t know better and are not tech savvy. If you look up Wikipedia * is defined as “A confidence trick (synonyms include con, confidence game, confidence scheme, ripoff, * and stratagem) is an attempt to defraud a person or group after first gaining their confidence, used in the classical sense of trust. Confidence tricks exploit characteristics of the human psyche, such as credulity, naïveté, compassion, vanity, irresponsibility, and greed. Guess which one you are exploiting by asking money for something that does not exist? Trust me. In the future there will be some laws against this, in think in some countries ISP can’t advertise unlimited bandwidth anymore. I don't plan either. I just looked your website for 30 seconds and closed it after I spot "unlimited" like anyone looking at hosting services seriously. Because developing a system like WHMCS will cost you more than one a million dollars. WHMCS is in the developing for years. We agree here, you can cure ignorance by travelling. I will not anymore because I have no idea what you are talking about at this point. Like I said, WHMCS cannot check or certify the code on third party modules. So what you ask is just nonsense for a small team of developers like WHMCS. I'm not sure to what security parameters you are referring either. PHP files in your server run PHP code, they can do basically anything on your server at that point. If the developers are not using the proper API or tapping into things directly, there is not really anything WHMCS can do to protect you from third party modules & code and to be honest I don't think anyone wants that. If that was the case you would not have the modules you have now, they would be severely limited into what they can do. Not something developers want and neither WHMCS customers. In fact, people like me want the opposite. I want more openness, just like Microsoft is open sourcing some of their software and patents, embracing Linux, and the rest of the world is also heavily collaborating with open source, I want WHMCS to offer more non encoded files (not open source their software just open code), and make it more accesible and visible for developers.
  8. I'm not trying to be mean but realistic. It does not help WHMCS as a company unless its a valid and workable solution. Not only do some people here think that WHMCS should be responsible for the security for modules in the marketplace but even check the code on them to make sure they are not doing anything nasty which is very unrealistic even for a huge company. Having the options to have modules in WHMCS is already a great feature and I think one of the reason some people pick WHMCS is because of the extensive eco system of third party modules and integrations. This is a big up sell for WHMCS as you can complement missing things with external code. Instead of appreciating that, they think that WHMCS should somehow interfere with external third party developers, something I fully disagree, not only because its bad for the WHMCS ecosystem but also an expensive and time consuming task for a small team like WHMCS. I think they have more than enough work already with maintaining their own official modules and bugs on the core to focus on things they didn't build. Its like trying to make Amazon responsible for software you buy with them. Amazon has a huge gazillion of downloadable items, and like with any software, some have serious bugs and security issues. But nobody in their right mind would blame that on Amazon but the official developer/company that is making the software. Same is true for the app store, the PlayStore and just basically anything else you buy online, tangible or intangible products. Even if WHMCS charged directly for those modules and the download was on their website, (which is not even the case today), even so they would not be responsible. The best they can do is remove the listing until its fixed.
  9. They don't start a service like that because THEY KNOW how software works. You clearly do not. This is why you suggest ridiculous things. I know enough to understand you are very young and naive and most likely don't understand what you are using or even selling. I suspect you don't even understand how hardware works either. And yes, you should get some advise. For example selling unlimited bandwidth is just scamming people because I'm sure there are no unlimited switches, routers or networks in terms of network speed ports or packets per second. With that alone on your website it means you know nothing about how networks or servers work, you most likely never even entered a data center before or build a rack full of servers. And you surely never developed software either, otherwise you would not be trying to argue things that are common sense for everyone else. 🙄 You don't like the impossible? Me neither. So why don't you donate a million dollars to WHMCS so maybe they can certificate the developers modules for us. Or let me guess? You think everyone works for $3 bucks the hour...Since nothing seems impossible for you, we should contact WHMCS since you will surely not have a problem coming up with that money to pay for the proposed solution, since nothing is impossible right? Sure not, just hard... 😄 Let me guess again? You are not paying for this 😭. So why are you asking WHMCS to pay for what you are suppose to do? Its your job to make sure you don't install crap stuff in your server, not WHMCS. Its your job to verify and certify the security of the code running on your systems or for your customers. This is exactly why I don't buy encoded modules in the first place. Because I do check a module (and some times fix it or pay someone) before running it. Its your job to do those tasks, not WHMCS or anyone else. If you don't trust the developer of a third party module then don't buy the module or just do your own job making sure its secure before installing it. If you can't do that, then you need to blindly trust the developer but don't try to pretend WHMCS should be responsible for doing your work because you are lazy or just don't want to pay someone to do it. There is no free launch in the world, wake up and smell the coffee, WHMCS is not going to do this for any third party software ever. Its not their job and they are not responsible for what you do with your WHMCS installation.
  10. Why don't you start that company if you think its that easy and a viable business model? Start the company and service that certifies WHMCS modules and then also gives customers a guarantee that modules from their own store are secure and safe. Talking is easy, doing is another story. Actually, you do need business and technical advise. A lot actually. ☺️
  11. Why are you comparing a company with 177$ billions in revenue and over 500,000+ thousands employees with a company like WHMCS that has maybe -10* employees and maybe less than -1$* million in renueve. * = I'm guessing but the point is your comparison is still ridiculous. And by the way, you are wrong. Plenty of fake stuff slip into Amazon's inventory. Make your research, Amazon has a real problem with counterfeit products. Don't ever buy an SD card from them because its probably fake. Like you see, even a company of that size is not perfect and has its problem. If you think Amazon is checking manually every product that is sold on Amazon you have no idea how Amazon works. Tip = They don't, its all automated and this is why you can pass fake products, some are just scams and are only removed when multiple people report them.
  12. Do you mean they fail to validate the user input? Or the remote download they pull? If the modules on their own are vulnerable, the developer should be notified in order to fix them. So far I had the impression the company was hacked, not necessarily the modules on the customer side. The modules on customers installations can be remotely modified or manipulated?
  13. Because its common sense. You should not install software you don't trust on any computer. By that I mean phone, desktop and of course servers. I suspect some people think that hosting is some magic account somewhere in the air. Its basically just a computer running 24/7 and the same principles apply. Installing PHP files in your website, is installing software. Those files can do anything they want with the data and other files in that account. This is what I give to people new to computer security. Maybe some folks here should give it a read and apply the common sense rules to their installations: https://technet.microsoft.com/en-us/library/2006.05.reducerisk.aspx Once they read that, they will understand how its impossible for WHMCS to be responsible for this.
  14. Are they still compromised today? Maybe the developer regained control over his server/software already. If I understand correctly the modules themselves are not compromised but the hacker informed of a fake update which customers downloaded. Now, the developer company not informing its customers about this is a completely lack of integrity. Any company should email and inform their users the minute they suspect a breach, even if they don't understand what happened yet. I think that is even a legal requirement now under European GDPR regulations. Just a simple email does not hurt anyone and they could at least had informed that they are investigating the situation.
  15. Great logic! So If I buy a $2.5 unlimited hosting plan from your company? Will you install WordPress for me? I also want it configured, and the plugins, and I also want you to fit my design, make my logo and then update my website every week, plus of course moderate all comments, including spam and make sure the ship is properly secured. I assume you provide all that for $2.5 because you don't have legacy policies and it’s all about helping the customer. I also expect you to completely safeguard my website, if it’s get hacked, like you said, I should make you liable legally. I do mention that I will install all sort of garbage PHP scripts that make nasty things, and I will just give out my passwords to anyone. But since its your service you are still responsible for what ever I do on the servers, since they are yours. Is that all ok with you? It’s ironic how people demand from others something they are not willing to provide on their own. You know exactly that everything I asked is not possible for that amount of money. You would be in fact losing money for each customer and no company is in the business of losing money if they want to keep the lights on. Experience will show you the hard way if you are not willing to listen to others that have far more experience in the same industry.

Important Information

By using this site, you agree to our Terms of Use & Guidelines