Search the Community
Showing results for tags 'hacked'.
Found 4 results
tap0le posted a topic in Third Party Add-onsWHMCS Administration: Please remove all WHMCS Global Services' modules from your marketplace. About a week ago, WGS sent out an e-mail telling it's clients to run a php script to patch an issue with their license server. It ended up not being from WGS. It was a hacker, who had gained access to their system. WGS' client database has been leaked, along with their creditcard hash, and instructions on how to hack ANY host which uses "ClientX" theme. It includes a list of the hosts which use this theme. License servers have been down as well for WGS, so if you are paying for their modules, you can't use them anyways. Here are some pastes which show the hackers' activity, WGS response, and a timeline for this entire event. <removed from community by moderation team> Please, any hosting companies that use their services, delete the modules from your system. You are at risk.
- What is WHMCS Firewall? It is a web application firewall, intrusion detection system, offers secure backups (Amazon S3 and Dropbox), automated alerting, auditing and more WHMCS Security addon to protect your WHMCS billing and customer management system. - Why purchase our WHMCS Security module? Our WHMCS Firewall module provides security, auditing and SECURE offsite backup features that are not included in WHMCS. WHMCS provides very powerful server automation, billing and customer management but it lacks advanced security options. We have used WHMCS for many years and do not plan on switching so we just decided to solve the security part on our own and are now making our security module available to other WHMCS users. *If you care about protecting the system that powers your billing, server automation, client support, company reputation, etc. then purchase our Security module. No hard sale here.. Either you care about security or you don't - Is WHMCS Firewall compatible with WHMCS v6? Yes, compatible with WHMCS 5.x and 6.x (Select your correct version during checkout) - What features are included in WHMCS Firewall? The WHMCS Firewall module adds the following security features to WHMCS. Web Application Firewall + IDS – Htaccess based firewall, pre-loaded rules and notifications to keep you updated on the latest threats to your WHMCS website. Amazon S3 Backups – Allows secure offsite backups (manual or scheduled) to your Amazon S3 file storage account. – MAJOR Dropbox Backups – Allows secure offsite backups (manual or scheduled) to your linked Dropbox account. – MAJOR *As you already know, insecure FTP and Email are the only two current WHMCS backup options. S3 is the preferred route and we give you a step by step tutorial on how to setup your S3 bucket and permissions. File Auditing – Know when your Core WHMCS files or any files under your WHMCS installation change. – MAJOR Settings Auditing – Alerted when key WHMCS settings change which can be signs of a silent hack. Admin Auditing – Alerted when admin details change (including password hash) or a new admin is added or existing admin removed. Products Auditing – Alerted when products are added, edited or removed. Such as price change and ability to “RollBack” any incorrect edits. Payment Gateway Auditing – Alerted when payment gateways are added, edited (IMPORTANT) or removed. And ability to “RollBack” any changes. Addons Auditing – Alerted when addons are added, edited or removed. Such as price and ability to “RollBack” any incorrect changes. Cloudflare Integration – Link to your Cloudflare account via API to instantly sync WHMCS banning and auto-expire actions to your entire Cloudflare network. > SWEET Autoban Honey Pot – Hackers check certain WHMCS urls first. Such as /admin/ Knowing this you can Autoban from WHMCS and optionally sync that Autoban to Cloudflare. > Getting excited yet?? Customized Reporting – Silence specific security alerts, customize which admins or custom emails and how often you receive security alerts. Whitelist modules - Concerned that one of your existing modules may be affected by the security rules added by this module? First, it will likely not (99.99%). Second, Whitelist the module using our Addon module scanner and whitelist feature. (Yes, we did think of just about everything) 24/7 Support – You are not a Security expert, you are a business owner with things to do, servers to fix and customer support tickets to answer. We are here to help 24/7. You focus on growing your business – we will focus on keeping your WHMCS secure. Actively Maintained – Online threats, WHMCS, LAMP and many other factors change frequently. Rest assured we actively update our security module. "Update Available" feature also built in. Many more features – There are too many features of WHMCS Firewall to list. After you purchase you will have full access to the WHMCS Firewall User’s guide located at https://whmcssecurity.com/ Like I said, we Love and have used WHMCS for many years. We created this security module for internal use and it has worked great. We have now decided to release it for public sale so other WHMCS users can benefit and protect themselves with the added security provided by our WHMCS Firewall Addon. What is your website and where can I purchase the module? Our website is https://whmcsFirewall.com I love discounts.. can I have a discount code? Yes, you sure can. We have a very Exclusive and special offer for fellow forum members.. 50% Off (Monthly, Owned or Enterprise License) - Use code WHMCSFORUM50 **Expires 9/7/2015** 25% Off (Monthly, Owned or Enterprise License) - Use code WHMCSFORUM25 **Expires 9/15/2015** 10% Off (Monthly, Owned or Enterprise License) - Use code WHMCSFORUM10 **Never Expires** > AND a Free Trial is also available... What are you waiting for?? Go try it out!! https://whmcsfirewall.com **The 50% off discount code is a once in a Lifetime only deal. I promise you will NEVER (EVER) see it again here or on any other website once it expires, so I suggest you take advantage of it! LAST QUESTION, I am kind of busy with hosting and helping my clients.. can you save me time and install this security module for me? Yes, you can select the "Module Installation and configuration" option during checkout. Also, all of our plans (even the Free Trial) come with support so open a ticket with any questions. We Really enjoy interacting with our customers, talking about our module and security. So we look forward to reading your tickets! Nothing is perfect in this world, so feedback and recommendations are always welcomed! Help us make a better and safer WHMCS by trying & giving your feedback to our WHMCS Firewall Security Module. https://whmcsFirewall.com
plateaultd posted a topic in Third Party Add-onsI noticed that several people recently posting about their WHMCS getting hacked. One thing that appears to be missing from all their recommendations is securing your server before it is hacked or after you have cleaned it up. This does not mean it won't be hacked, just less likely. Here is my list of 10 ways to make your WHMCS installation more secure. I am sure others on the forum can add to this list. Start here: http://docs.whmcs.com/Further_Security_Steps Once you have done there there are additional steps you can take. A couple of these items refer to cPanel Servers, but can also be done on other servers.* 1. Install Mod Security in Easy Apache. * Using the default rules are better than nothing, though additional rules are available. It can help block SQL injection attacks. 2. Install mod_geoip for apache, it is a custom module in Easy Apache. * Using this you can block countries you never do business with. Want to block the whole country of Florin, it's easy to do by adding a few lines in your .htaccess file, once mod_geoip is installed. 3. Secure the physical server. Only access files on it via SSH/SFTP and relocate the SSH port to something other than 22. 4. Use hosts.allow to prevent SSH access from all but specific locations. 5. Use the built if firewall or a physical firewall to lock the server down. If you never receive email on the server, block incoming port 110, 25, etc. Block port 21 (FTP) as it is insecure. Basically default to blocked for everything and then just open the ports you use. 6. Block all outbound ports except those you use. e.g. 80, 443, 25, New_SSH_Port, etc. 7. Install csf http://configserver.com/cp/csf.html it makes it easier to secure yout server. 8. Use certificates to connect to the server and set really strong passwords. 9. Block root login via SSH. 10. Backup your server and database files off the server. A good backup is like a parachute, if you don't have one when you need it, it's too late. Remember white hats need to be lucky 100% of the time, black hats only need to be lucky once.