Search the Community
Showing results for tags 'hacking'.
Found 4 results
Hi First let me say if this is posted in the wrong location , please advice me of the correct thread and I will repost the topic.. I'm new to whmcs, my problem is I have been getting lot's of bogus accounts being made since last night, as soon as I remove / delete the account and block the IP another one or two is created.. I have my settings set to purchased must be completed before a new membership can be made. How can I prevent new accounts from being made? They are using emails and usernames such as Email Address: email@example.com Password: firstname.lastname@example.org Also user-names such as 404/403 I read as much as I could about this and learned it's some kind of man in the middle? Trying dump my account holders CC information? Can someone please tell me the steps or point me in the correct direction to prevent this 0-day attack crap. I really need to prevent this and protect my clients data Thanks for any help in advance Fish911
I noticed a problem over recent weeks that has become much much more worrisome in recent days with lots of spammy registered users at my site. Most of these spammy email addresses are not actually TLDs, such as the email address email@example.com that was recently registered today. How did that email address get past WHMCS validation?? Is there somethign wrong with my WHMCS setup? Why is an email address at mmmmmm.mmm allowed to be registered? It should fail on validation, correct?
Hello, Due to recent hacks going around with whmcs, i wanted to investigate further and see if there was anything else that could be done to prevent getting hacked. I have easily found some information on the internet on how we were hacked by recent exploits in whmcs versions 5.2.3 and above. With sql injections its all easily done. We are now using two factor auth, and also following setups in this document to further secure the whmcs installation which will help. If you have not done so already i suggest you get it done a.s.a.p http://docs.whmcs.com/Further_Security_Steps I have found something that needs attention immediately, many attackers use google to search for sites to exploit using the inurl command, doing a search like this. whmcs inurl:clientarea.php will give plently of results and potential people to hack. One easy thing to do that i really cant believe has not been done or should at least be an option is to protect all whmcs files for being indexed, i mean if you cant find them in the first place then it is much harder to exploit in the first place ? <meta name="robots" content="noindex"> In the header template file will allow this feature to not show up on any Google result at all, no matter if its linked from external sites. Some people like to SEO Whmcs ? why i ask, its your billing system and probably the dumbest thing you can do especially since we all know its not exactly secure. If you want to SEO, use your blog or your main website to do the marketing your portal should be as protected and hidden as possible for your clients ONLY. It would be good to see this new option maybe in the GENERAL OPTIONS, SECURITY TAB in Whmcs. If anyone else has anything that can help with securing whmcs in general please share. EDIT: I also just found this option within WHMCS GENERAL SETTINGS -> OTHER TAB that should be unchecked. Tick this box to allow registration without ordering any products/services The most recent vulnerability in 5.2.10 allows someone that has access to the clientarea.php to use an SQL injection. By unchecking this basically means they will need to purchase something before becoming a client. Cheers Mitch