Chris74

If it shuts down for good, your module will stop working forever yes. There is some sort of issue with the grace period on the licensing module which you can read about here...

Their website just came back online.

We are using their DNS Manager addon but it has stopped working and their WHMCS site is offline... https://www.busyrack.com/client/ Would be good to know whether this is temporary or not. Checked their Twitter and FB - nothing on there for a couple of years. Also, can anyone recommend an alternative to this module? (apart from the Modulesgarden one)

Can you describe in more detail what the issue is with the WHMCS licencing system? If you fixed the problem by updating your module - I assume that was some sort of workaround for the problem in WHMCS?

Exact same thing has just happened with the "BusyRack DNS Manager addon. Using the module says license has expired (it hasn't) and their website is down. https://www.busyrack.com/client/ These people don't seem to understand that if their system is down - it disables the module on our systems too! Why should we suffer because of their technical issues? It just makes me more and more nervous about using any third party modules. Right now, any of our customers with domain registrations only (no hosting) can't manage their DNS records.

I think we will just add a Staff category to the main KB and not publish the articles. This way we don't have to rely on third party developers. One of the major problems with WHMCS is that they rely on external developers to provide modules for their system to put in place the functionality that is sadly missing from the main product. Sadly in most cases, these "developers" are amateurs who have learned a bit of PHP coding and want to make some money sitting at home. We have seen it so many times where the website goes offline, the owner can't be contacted - or the addon is no longer being maintained or updated. It's pretty much a waste of time to use any of these third party modules. It's also a security risk.

Steven99, does your module require license checking? If so, does it allow the module to keep working if your license server is down? Hope you don't mind me saying - it looks quite basic but has a pretty heavy price tag at 50 USD

I got a response. He said they have had a technical issue due to a failed upgrade so the license checking was down. He says he has fixed it but sadly his site is still down and the module just keeps asking for the license key.

Ok thanks I've submitted a ticket. As far as I can tell, the staff wiki module is just a copy of the WHMCS KB but with only admin access. There is another module the same by "EasyWHMCS" but this doesn't support PHP 7. Does anyone know an alternative?

Any way to contact this guy? We have a bunch of stuff in the staff wiki that we can no longer access now that he's taken down his licensing system. We only bought the module in October 2018 and he was answering sales tickets then.

I'm right. API tokens on their own present a serious security risk. Anyone gaining access to this unprotected, simple text file will gain full root access. On it's own, the API token is far less secure than using a simple encrypted password. I don't believe WHMCS understand that you need more than just the token on its own. There should be multiple separate layers of security in place. It should also be mentioned that cpanels "API Tokens" are not tokens - it's just an API key. It doesn't expire or change and It isn't used to authenticate. See this... https://nordicapis.com/why-api-keys-are-not-enough/

This may be a really dumb question but I'm a little confused about something relating to the use of the API tokens in the server setup. Correct me if I'm wrong, but the idea of using the API tokens instead of a full root password is that it provides more security, so that WHMCS can only perform the tasks it needs without having full root access. If I want, I can configure all our servers in WHMCS with the root username and password and it will perform all functions needed - but I'm taking a risk by doing that. So using the API token with only certain privileges would seem to be a sensible solution. The problem I'm having is with the "Login to WHM" button on the server setup page. When using an API token, I have not provided the root password, therefore any connection made by WHMCS should only be allowed to perform the functions listed in the API token - however, I can simply click this button which will send me through to any server where I will have full root access, seemingly negating the need for tokens and privileges. A username must be provided - WHMCS won't connect to a server using a token unless a username is provided. So if the root user is specified, I assume this simply allows full root access anyway. I assume this is due to the privilege "create-user-session" being set - which could be just as powerful as having the root password anyway - in fact, all a token needs is that privilege, to allow anyone root access in a single command, simply by specifying the root username. As tokens are not stored encrypted, doesn't this make the use of tokens less secure than using a password, which is encrypted in the database? I don't really want to pass through to WHM from WHMCS - so perhaps I can remove "create-user-session" without this affecting the functionality of the cpanel module?

Yeah you're right, it does exactly what I want it to. I didn't know there was such a comprehensive reporting function in there. Never spotted it before. Thanks.

Hi folks, I would like to create a report that includes the total from paid invoices where VAT has not been charged. It should work on the date paid field. As we are in the UK, we charge VAT at 20% to our resident customers, which makes up almost our entire customer base. We don't charge VAT to customers outside Europe. The way our accountant calculates VAT payable is on the gross income from transactions, with the VAT MOSS data taken into consideration. Until now, I haven't tried to identify the non VAT transactions, so we've been paying a bit more VAT that necessary. I need to identify for any given month, the total income from paid invoices that is not VAT-able, so we do not have to pay VAT at 20% on these invoices to the government. It won't be much, but I want to make sure it is correct - and we can also claim for the last four years. I'm not a developer so this is beyond my expertise so will gladly pay a fee. Many thanks.

Hi, I'm looking for some advice relating to the nextinvoicedate field in the tblhosting table. A while back there seemed to be a problem with the cron jobs causing very high load and taking a long time to process. I noticed some issues with some hosting plans suddenly having the next due date of the year 1999 or 2000. Very strange. We resolved the handful of products with that problem. It would appear this is not the only issue caused. Some customers are contacting us saying that they haven't received an invoice for their renewals. They only become aware that they are overdue when the account is suspended for non payment. (Personally I think this problem has been related to Modulesgarden's "Hosting renewals" module.) There have been no problems with the domains table. Anyway, so I look in the database and I find over 800 products that have the nextinvoicedate field set to 0000-00-00 - which is most definitely the cause of this issue. WHMCS is not generating invoices for these products (as you'd expect). So my questions, if anyone would be so kind to help.... 1. Does WHMCS always store the dates in the database as yyyy--mm-dd regardless of the date format chosen in the config? 2. Why would all of the due dates on all of the products get updated daily? Is this something that WHMCS does, or should I be looking at a cron hook within an addon causing this? 3. Could someone please be so kind as to offer me the correct syntax to set any "nextinvoicedate" that is currently set to "0000-00-00" to the same value as the "nextduedate" in the tblhosting table? Thanks very much in advance for any help you can offer.