Jump to content


Senior Member
  • Content count

  • Joined

  • Last visited

  • Days Won


string last won the day on May 15

string had the most liked content!

Community Reputation

11 Good

About string

  • Rank

Recent Profile Visitors

1,575 profile views
  1. Obviously the if condition is fulfilled, otherwise it would not happen. Without seeing the API response and more code, it's hard to be more specific. What does the variable $status contain? Do you verify that the API call returns something at all? If not, and the $status variable does not come from the API query, that may be the problem.
  2. string

    Increase your WHMCS security now

    A web application firewall like mod_security is a must have. It can save your ass, especially with security holes in addons. I've seen the simplest vulnerabilities in addons too many times, like LFI / RFI. A WAF can help block such attacks.
  3. string

    Adding a menu item under "Logs"?

    The easiest way would be to simply check which role the admin has and then show the log page or not. You can add the menu entry over javascript, or edit the admin template. As far i know, there is no other way to add a menu entry. I would use javascript as it will not require changes on WHMCS updates.
  4. To remove the SSL check from the client area, you can follow this: Currently there is no way to disable it over the admin interface. There is a feature request for it: https://requests.whmcs.com/topic/customization-of-ssl-monitoring-introduced-in-7-7-0 I think the SSL checks can be skipped by adjusting the WHMCS cronjob parameters (by using the do argument and execute only what you need. Ugly, but probably working).
  5. string

    Hi for UKBSS.COM

    https://stackoverflow.com/questions/737022/how-do-i-disable-right-click-on-my-web-page But it does not make any sense, everbody can bypass this easily. I even think that's pretty bad, I do not see any benefit in it in this specific case. There are cases where it does make sense, but not here. The inexperienced user may want to copy and share the text, but can not because he does not know the shortcut for copying.
  6. As far i see, the hooks can not be used to override the contact details. A possible workaround would be that you change the clients company name via the hooks PreDomainRegister / PreDomainTransfer and then restore over the hooks AfterRegistrarRegister / AfterRegistrarTransfer. Not the nicest solution, there are probably better ways.
  7. Maybe you could just save the $_SESSION variable before the hooks and then restore it.
  8. +1 for dynamic keys. I'm also surprised why so few seem to use it. Probably because it requires to read the ioncube documentation and there are a few things to keep in mind when using dynamic keys to get started with it.
  9. I am not a lawyer and have no special knowledge in this regard, but I think that every reputable German provider responds to such a page. Stichwort "Providerhaftung".
  10. Funny: $ telnet <Website links removed by Moderator - Leads to Nulled Software> Trying <Website links removed by Moderator - Leads to Nulled Software> Connected to <Website links removed by Moderator - Leads to Nulled Software>. Escape character is '^]'. EHLO 220-<Website links removed by Moderator - Leads to Nulled Software> 25 ESMTP Exim 4.91 #1 Tue, 14 May 2019 23:26:06 +0200 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail. 250-europe.<Website links removed by Moderator - Leads to Nulled Software> I have no doubt that asrhost.com is affiliated with <Website links removed by Moderator - Leads to Nulled Software> I included that also in my report few months ago to WHMCS. I had the same idea when i found this page. I did reported them to cPanel. Nothing happened. It seems contabo provides bulletproof hosting. Contabo has some interesting history (Gigahosting, BGP session with syria), but thats an other topic. Edit: Just saw that the screenshot of WGS already mentions asrhost.com. So yeah, they are definitely the same.
  11. string

    addon module admin area

    I would either create a new file for ajax calls or do a "exit;" after you echo the json output. That should work.
  12. I reported this site already serveral months ago to WHMCS and to the hosting provider (contabo, abuse@contabo.de). This amazes me a little, because Contabo is a German provider who actually has to react to something like that by law. That's not the only side that does that. There seems to be a market for it.
  13. string

    Hook for rel canonical in header

    You can use the ClientAreaHeadOutput hook to add HTML into the header.
  14. Maybe you need to set the session lifetime higher on your server. See this.
  15. string

    [Locked]Unlicensed Installation

    Really? I always feel like nothing happens, except the standard thank you response, so i mostly stopped reporting. I've reported a few times pages hosted at webhosts that definitely would respond to an abuse. The sites were still online when i checked the last time, on the same IP.

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated