Jump to content

Search the Community

Showing results for tags 'security'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


WHMCS.Community

  • The latest WHMCS Release
    • V7.8 Release Discussion
  • The Latest from the WHMCS Team
    • News & Announcements
    • The WHMCS Blog
  • WHMCS.Community
    • Community Announcements
    • Introduce Yourself
  • Using WHMCS
    • Pre-Sales Questions
    • Admin & Configuration Questions
    • Installation, Upgrade, and Import Support
    • Using WHMCS
    • Troubleshooting Issues
    • Vendor Discussions
  • WHMCS Beta Program
  • WHMCS Showcase
    • Showcase Your Site
    • Share Your Best Practices & Tips
  • Developing & Extending WHMCS
    • Third Party Add-ons
    • Service Offers & Requests
    • Developer Corner
    • Building Modules
    • Share Ideas for WHMCS Modules
  • Community Competitions
    • Competitions
  • General Discussions
    • General Discussion
  • General Feedback & Assistance
    • WHMCS.Community Tips & Tricks
  • Third Party Developers's Topics
  • Turkish International Discussions's Topics
  • Russian International Discussions's Topics
  • Spanish International Discussions's Topics
  • Portuguese International Discussions's Topics
  • French International Discussions's Topics
  • Italian International Discussions's Topics
  • German International Discussions's Topics
  • WHMCS Brasil's Topics
  • WHMCS Brasil's Tópicos
  • ModulesGarden Club's Topics
  • Hungarian International Discussions's Segítség
  • ThemeMetro Club's Topics
  • WHMCS Services Club's Topics
  • SwiftModders Club's Topics
  • WHMCS Global Services Club's Topics

WHMCS Version

  • V7 Hotfixes
  • V7.1.x Hotfixes
  • V7.2.x Hotfixes
  • V7.3.x Hotfixes
  • V7.4.x Hotfixes
  • V7.5.x Hotfixes
  • V7.6.x Hotfixes
  • V7.7.x Hotfixes
  • V7.8.x Hotfixes

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Found 24 results

  1. 1. Report Generator For WHMCS 4.1.0 Much of business success comes from well-planned actions, informed decisions and skillfully performed campaigns – wouldn’t you agree? However, to foster your company’s stable growth, a variety of specific metrics must be subjected to data analytics techniques. With the latest 4.1.0 version of our Report Generator For WHMCS module, the science of information analysis will become yet more efficient owing to these two hot-off-the-press report types: Tickets Responding Time – a handy tool measuring the time taken to respond to a ticket Server Revenues – containing a register of your servers’ maintenance costs per month, their services’ revenues and balance Forge ahead with the module’s changelog and do not let any novelty pass by you. Learn more about Report Generator For WHMCS 4.1.0! 2. Custom WHMCS Report For FREE Still lacking the exact type of report that would give you just the perfect insight into a specific area of your company? No need to worry! With our special offer you are now more than welcome to join the ranks of the module users and receive a bespoke report developed specially for you with no further payment! Specify the details of your dream reporting tool via ticket and let us join our minds to evaluate the feasibility of such a custom project. Should we hold all the required information and resources, we will endow you with the exact solution you need to make informed decisions about your company’s growth. All that without bearing any additional costs! Secure your business’s tomorrow with a report adapted to your needs! 3. New MetricsCube - On Guard Of Your Safety Running your company requires of you yet more profound insight into all the metrics crucial for making progress? Let us bring to you the news of freshly updated MetricsCube – a system designed to plug the information gap, featured with approximately 70 report types (and still continuing!) that guarantee deep and accurate analysis of your business data. In this new system version, apart from remastering the entire framework to improve its speed and stability, another milestone on the road to perfect data security was reached. The safety of your sensitive data will be now guarded by two-factor authentication model combined with apt device monitoring. Make sure your business is well protected against any data leaks! 4. WHMCS V7.8 Modules Support List It is a great pleasure to let you know that in the light of WHMCS V7.8 release, we have already knuckled down to ensure that every single WHMCS module is characterized by impeccable compatibility with this brand new version. Anxious to know whether your favorite module has already embraced all the necessary adjustments? Stop by the ModulesGarden Forums for a quick check-up of our integration list. Stay tuned for more module updates already on their way! Need Custom Software Development For Your Business? Get Your Free Quote Now! Specially for you we will adapt an application and its design to your own needs, create a new module or even a completely new system built from scratch!
  2. Hello there I have been watching some posts related having WHMCS and main Website and eventually on each separate account, I really think it makes sense....but my my specific scenario I am thing that could make more sense for now only WHMCS and on second business stage upgrade to an Word Press website. Advice or any tips are welcome. Currently I have: My website on my www.mydomain.com WHMCS on separate cpanel SUBDOMAIN www.client.mydomain.com So I have my website before start using WHMCS, and it is simple website with one page that we can scroll HOME, ABOUT US, PRODUTS\SERVICES, CONTACT FORM The point is, since my website is simple, I guess there is a option in WHMCS to create new pages and handle everything inside WHMCS and having just one central place, also I guess now there is template that can handle that, like zoomex, client host, alaska, etc, etc... I intend to suspend my main website cpanel and change my WHMCS to www.mydomain.com and have just one central place. I have analysed also, that I should take care during WHMCS update, to ensure I will keep WHMCS frontend alive, if it is a module, don't upgrade WHMCS until module developer deliver latest compatible version. If were you considering my current situation what would do, create your own new pages using WHMCS docs? Do you thing using WHMCS frontend module is security recommended? What would you looking for when searching for possible modules market (experience of developer, security history, module been sold from MARKETEC PLACE? Appreciate your attention!
  3. grandechefe

    Hosting Password

    The Passwords generated by whmcs to create a hosting account are too weak. With the new safety rules of cpanel, passwords must have a high difficulty. How can we change the generator of passwords?For example whmcs generates passwords of type **Frth2sx**, without any type of sepcial character I have this information: Sorry, the password you selected cannot be used because it is too weak and would be too easy to guess. Please select a password with strength rating of 100 or higher.
  4. griffinhosting

    Security Plus+ RBL

    A new security add-on module for WHMCS (free and paid versions). Please check it out. - https://www.sprbl.net
  5. Was the option "Disable MD5 Clients Password" removed out of the current version of WHMCS ? Because I still see it listed in the docs as being available still. See http://docs.whmcs.com/Security_Tab#Disable_MD5_Clients_Password
  6. Get deep license discounts during our 48 hour Cyber Monday Sale! Increase your WHMCS security, enable auditing, offsite secure database + file backups and Much more with our WHMCS Firewall Module. Simply enter one of the discount codes below during checkout. Need to secure just 1 WHMCS site? "CYBER50" = 50% Off! Need 2 or more licenses? Enter "CYBER60" for 60% off! Applies monthly and owned licenses. NO restrictions just SECURE and SAVE for 48 hours! https://whmcsfirewall.com/
  7. Get deep license discounts during our 48 hour Cyber Monday Sale! Increase your WHMCS security, enable auditing, offsite secure database + file backups and Much more with our WHMCS Firewall Module. Simply enter one of the discount codes below during checkout. Need to secure just 1 WHMCS site? "CYBER50" = 50% Off! Need 2 or more licenses? Enter "CYBER60" for 60% off! Applies monthly and owned licenses. NO restrictions just SECURE and SAVE for 48 hours! https://whmcsfirewall.com/
  8. Get deep license discounts during our 48 hour Cyber Monday Sale! Increase your WHMCS security, enable auditing, offsite secure database + file backups and Much more with our WHMCS Firewall Module. Simply enter one of the discount codes below during checkout. Need to secure just 1 WHMCS site? "CYBER50" = 50% Off! Need 2 or more licenses? Enter "CYBER60" for 60% off! Applies to monthly and owned licenses. NO restrictions just SECURE and SAVE for 48 hours! https://whmcsfirewall.com/
  9. - What is WHMCS Firewall? It is a web application firewall, intrusion detection system, offers secure backups (Amazon S3 and Dropbox), automated alerting, auditing and more WHMCS Security addon to protect your WHMCS billing and customer management system. - Why purchase our WHMCS Security module? Our WHMCS Firewall module provides security, auditing and SECURE offsite backup features that are not included in WHMCS. WHMCS provides very powerful server automation, billing and customer management but it lacks advanced security options. We have used WHMCS for many years and do not plan on switching so we just decided to solve the security part on our own and are now making our security module available to other WHMCS users. *If you care about protecting the system that powers your billing, server automation, client support, company reputation, etc. then purchase our Security module. No hard sale here.. Either you care about security or you don't - Is WHMCS Firewall compatible with WHMCS v6? Yes, compatible with WHMCS 5.x and 6.x (Select your correct version during checkout) - What features are included in WHMCS Firewall? The WHMCS Firewall module adds the following security features to WHMCS. Web Application Firewall + IDS – Htaccess based firewall, pre-loaded rules and notifications to keep you updated on the latest threats to your WHMCS website. Amazon S3 Backups – Allows secure offsite backups (manual or scheduled) to your Amazon S3 file storage account. – MAJOR Dropbox Backups – Allows secure offsite backups (manual or scheduled) to your linked Dropbox account. – MAJOR *As you already know, insecure FTP and Email are the only two current WHMCS backup options. S3 is the preferred route and we give you a step by step tutorial on how to setup your S3 bucket and permissions. File Auditing – Know when your Core WHMCS files or any files under your WHMCS installation change. – MAJOR Settings Auditing – Alerted when key WHMCS settings change which can be signs of a silent hack. Admin Auditing – Alerted when admin details change (including password hash) or a new admin is added or existing admin removed. Products Auditing – Alerted when products are added, edited or removed. Such as price change and ability to “RollBack” any incorrect edits. Payment Gateway Auditing – Alerted when payment gateways are added, edited (IMPORTANT) or removed. And ability to “RollBack” any changes. Addons Auditing – Alerted when addons are added, edited or removed. Such as price and ability to “RollBack” any incorrect changes. Cloudflare Integration – Link to your Cloudflare account via API to instantly sync WHMCS banning and auto-expire actions to your entire Cloudflare network. > SWEET Autoban Honey Pot – Hackers check certain WHMCS urls first. Such as /admin/ Knowing this you can Autoban from WHMCS and optionally sync that Autoban to Cloudflare. > Getting excited yet?? Customized Reporting – Silence specific security alerts, customize which admins or custom emails and how often you receive security alerts. Whitelist modules - Concerned that one of your existing modules may be affected by the security rules added by this module? First, it will likely not (99.99%). Second, Whitelist the module using our Addon module scanner and whitelist feature. (Yes, we did think of just about everything) 24/7 Support – You are not a Security expert, you are a business owner with things to do, servers to fix and customer support tickets to answer. We are here to help 24/7. You focus on growing your business – we will focus on keeping your WHMCS secure. Actively Maintained – Online threats, WHMCS, LAMP and many other factors change frequently. Rest assured we actively update our security module. "Update Available" feature also built in. Many more features – There are too many features of WHMCS Firewall to list. After you purchase you will have full access to the WHMCS Firewall User’s guide located at https://whmcssecurity.com/ Like I said, we Love and have used WHMCS for many years. We created this security module for internal use and it has worked great. We have now decided to release it for public sale so other WHMCS users can benefit and protect themselves with the added security provided by our WHMCS Firewall Addon. What is your website and where can I purchase the module? Our website is https://whmcsFirewall.com I love discounts.. can I have a discount code? Yes, you sure can. We have a very Exclusive and special offer for fellow forum members.. 50% Off (Monthly, Owned or Enterprise License) - Use code WHMCSFORUM50 **Expires 9/7/2015** 25% Off (Monthly, Owned or Enterprise License) - Use code WHMCSFORUM25 **Expires 9/15/2015** 10% Off (Monthly, Owned or Enterprise License) - Use code WHMCSFORUM10 **Never Expires** > AND a Free Trial is also available... What are you waiting for?? Go try it out!! https://whmcsfirewall.com **The 50% off discount code is a once in a Lifetime only deal. I promise you will NEVER (EVER) see it again here or on any other website once it expires, so I suggest you take advantage of it! LAST QUESTION, I am kind of busy with hosting and helping my clients.. can you save me time and install this security module for me? Yes, you can select the "Module Installation and configuration" option during checkout. Also, all of our plans (even the Free Trial) come with support so open a ticket with any questions. We Really enjoy interacting with our customers, talking about our module and security. So we look forward to reading your tickets! Nothing is perfect in this world, so feedback and recommendations are always welcomed! Help us make a better and safer WHMCS by trying & giving your feedback to our WHMCS Firewall Security Module. https://whmcsFirewall.com
  10. What is Security Login? Security login adds an additional layer of security to your client area. If the user failed login attempts x times then the user remember his password and successfully login he need to enter a second passcode that will be send to his email this will make sure that the user is him and he is the one trying to login to his account and it's not another guy trying to get the user account. Why do you need it? Password can be guessed. So security login gives you additional security to stop guessing the password x times for example you set the security login for 2 failed login attempts and the user try to login to the client area 2 times and failed then the user remember his password and login to the client area the security login will prevent the user from accessing his account and send him a passcode if he enter the passcode he will be redirected to the client area. How it works? After activating the security login go to the module settings and configuration also you can edit the email template to suit your needs. Now go to the client area and try to login with a fake password but be sure to use an email that is in use then try to login to the account you will then see the security login page it will send you a passcode that you need to enter so you can get access to the account. We are pleased to announce the release of Security Login Version 2.1.0. Changelog Added client info in security login control panel you can reset and resend the pin code or delete Added a resend button for the client area Added 60 seconds countdown before showing the resend button Updated if added 0 in "Failed Login" the module will show the security login every time the client login Encrypt the pin code in the database Fixed email function not sending View the product Page View all our works and Products
  11. What is Security Login? Security login adds an additional layer of security to your client area. If the user failed login attempts x times then the user remember his password and successfully login he need to enter a second passcode that will be send to his email this will make sure that the user is him and he is the one trying to login to his account and it's not another guy trying to get the user account. Why do you need it? Password can be guessed. So security login gives you additional security to stop guessing the password x times for example you set the security login for 2 failed login attempts and the user try to login to the client area 2 times and failed then the user remember his password and login to the client area the security login will prevent the user from accessing his account and send him a passcode if he enter the passcode he will be redirected to the client area. How it works? After activating the security login go to the module settings and configuration also you can edit the email template to suit your needs. Now go to the client area and try to login with a fake password but be sure to use an email that is in use then try to login to the account you will then see the security login page it will send you a passcode that you need to enter so you can get access to the account. Product Page https://www.alfnyhost.com/products.php?action=p&pid=11 Screenshot 1 Screenshot 2 Screenshot 3 Screenshot 4 Project Features Enable/Disable Module You can enable or disable the module from the module settings Failed Login Attempts You can set the number of failed login attempts from the module settings Passcode Number You can set the how many number for the passcode from the module settings Email Template You can edit the email of the security login form the module email template Language The module have English and German language you can translate the module to your language by adding your language to the module language folder IP and Date If the security login record any failed login attempts it will send the IP and Date to the account owner
  12. SMS Center For WHMCS introduces text messages to your business as a perfect complement to traditional email notifications. To our great pleasure, the module has met with a high level of interest, thus we have decided to exceed its functionality even further. Version 1.1 comes with more flexibility and conveniences. To start with, you will be able to take advantage of yet another SMS gateway - BoxisSMS. What is more, your clients will no longer have to remember to add prefix while entering their mobile number – the module will do it for them! Discover more about the latest update: Changelog - Version 1.1.0: New Feature: Support for BoxisSMS gateway New Feature: Adjust format number to international automatically Improved: Clickatell submodule - define sender ID Bug Fix: SMS is not sent while WHMCS cron is running Are You Interested? ♦ Order SMS Center For WHMCS Now! Do You Need More Information? ♦ Read More About SMS Center For WHMCS Are You Looking For A Complete Documentation? ♦ Visit SMS Center For WHMCS Wiki Do You Want Us To Install And Configure The Module For You? ♦ Tick 'SMS Center Installation Service' Field While Ordering The Product Check out our brief guide and other practical tips how to update WHMCS modules here. Anyone may become a victim of a dangerous attack on the Internet. Ensure the safety of your business with our practical tips to defend against DDoS attacks. Do You Need Custom Software Development? Specially for you we will adapt an application and its design to your own needs, create an adequate addon, an entirely new module or even a complete system! We can advise how to solve your problems and propose an optimal solution for your business. ♦ Contact us today! We will prepare for you a free quote, ETA and more details within 24-48 hours. For more information about our promotions, products and company activity - join our social networks! ♦ Forums ♦ Blog ♦ Facebook ♦ Twitter ♦ Google+ ♦ LinkedIn ♦ YouTube
  13. Each day, millions of Internet users are exposed to risk of stealing their access details. According to research performed by Identity Theft Resource Center in just 2014 over 83 million records were exposed, many of which contained usernames and passwords. That is why it is so important to invest in a reliable solution which will ensure the safety of sensitive data storage and management. Our Password Manager For WHMCS was designed to precisely this end. The module offers a high-level security of data which we achieved thanks to an advanced two-way encryption mechanisms using encryption keys. We are proud to announce that we have released version 2.0 of Password Manager For WHMCS with new possibilities to manage passwords in a safe way. Just take a look: Changelog - Version 2.0.0: New Feature: Create access details categories New Feature: Assign clients and administrators to categories New Feature: Define categories of access details New Feature: Display and manage clients access details on client summary page New Feature: Display and manage clients access details on ticket view New Feature: Password view permission for category members New Feature: Notify upon password change New Feature: Send password change reminder Improved: Refreshed interface Are You Interested? ♦ Order Password Manager For WHMCS Now! Do You Need More Information? ♦ Read More About Password Manager For WHMCS Are You Looking For A Complete Documentation? ♦ Visit Password Manager For WHMCS Wiki Do You Want Us To Install And Configure The Module For You? ♦ Tick 'Password Manager Installation Service' Field While Ordering The Product Searching through tickets consumes too much of your everyday time? Download our Support Tickets Displayer For WHMCS entirely for free and see for yourself how quick and easy it can be! Coming Next: SMS Center For WHMCS WWD GoDaddy For WHMCS 2.2 Multibrand For WHMCS 1.6 Do You Need Custom Software Development? Specially for you we will adapt an application and its design to your own needs, create an adequate addon, an entirely new module or even a complete system! We can advise how to solve your problems and propose an optimal solution for your business. ♦ Contact us today! We will prepare for you a free quote, ETA and more details within 24-48 hours. For more information about our promotions, products and company activity - join our social networks! ♦ Forums ♦ Blog ♦ Facebook ♦ Twitter ♦ Google+ ♦ LinkedIn ♦ YouTube
  14. A couple times a year, I see a hacking attempt. The exact method differs, but they always start by creating a user account/order. I modified my template's cart template to show only a link to the login page if user is not logged in. Unfortunately, that doesn't do anything against attackers because WHMCS allows them to create an order directly by submitting POST data. The log file for a recent attack looked liked this: [26/Oct/2014:08:26:09 -0500] "GET /account/cart.php?a=add&domain=register HTTP/1.1" [26/Oct/2014:08:26:09 -0500] "POST /account/cart.php?a=add&domain=register HTTP/1.1" [26/Oct/2014:08:26:10 -0500] "GET /account/cart.php?a=confdomains HTTP/1.1" [26/Oct/2014:08:26:10 -0500] "POST /account/cart.php?a=confdomains HTTP/1.1" [26/Oct/2014:08:26:10 -0500] "GET /account/cart.php?a=view HTTP/1.1" [26/Oct/2014:08:26:11 -0500] "POST /account/cart.php?a=checkout HTTP/1.1" [26/Oct/2014:08:26:13 -0500] "GET /account/cart.php?a=complete HTTP/1.1" [26/Oct/2014:08:26:13 -0500] "GET /account/viewinvoice.php?id=258 HTTP/1.1" [26/Oct/2014:08:26:14 -0500] "GET /account/clientarea.php HTTP/1.1" [26/Oct/2014:08:26:14 -0500] "POST /account/dologin.php HTTP/1.1" [26/Oct/2014:08:26:15 -0500] "GET /account/clientarea.php HTTP/1.1" [26/Oct/2014:08:26:15 -0500] "GET /account/clientarea.php?action=details HTTP/1.1" [26/Oct/2014:08:26:15 -0500] "POST /account/clientarea.php?action=details HTTP/1.1" [26/Oct/2014:08:26:16 -0500] "GET /account/clientarea.php?action=details HTTP/1.1" After creating the order, they attempted an SQL injection, which doesn't work, fortunately. They are able to do this via scripts without logging in, despite the fact that if you go to any of these pages on my site, all you get is a link to login! 1. Good God, why does WHMCS not use nonce? → That would completely solve this, yes? 2. WHMCS should realize this activity is too fast for a human to complete. → Sure, script kiddies would just add some dely…but still, this would be a good idea. 3. Why, oh why, does WHMCS not randomized table prefixes? → That way, any SQL injection attempt that managed to execute somehow would not know the table names. sheesh. 4. It would be nice if WHMCS had an option to disable anonymous orders. Is there a modification I can make to achieve this? → If WHMCS used nonce, my existing modifications would be sufficient, but my changes are useless if an attacker can simply submit an order directly via POST.
  15. Hi, I think iWHMCS is on the right track by we sorely miss 2 options: 1) Password protect the app! Please do this asap 2) We need / want to be able to change the client status from the app too (I'm pretty sure we used to be able to do so with the v1.5.x) Oh, and a little bug thing, we noticed that some clients were not in the list when we selected the "all" option, but we could search for them and find them that way. And on 1 WHMCS install we get an "error. Invalid server response' when selecting any of the Orders options, while it's fine on the others .... Thanks in advance
  16. Hello, Earlier today when Client Signup Emails where sent, the users info was displayed in the e-mails so they can login. Now, emails that I "resend" from the customer profile page: Resend > Client Signup Email It simply sends their email address and a bunch of asterisk for the password. The code used in the template is set with the default: Email Address: {$client_email} Password: {$client_password} Any help would be appreciated.
  17. So I realized a couple year ago that the RSS feeds in WHMCS provide a small privacy bug because they allow users outside the WHMCS or users inside WHMCS but who should have no access to updates access to the news and info on the rss feeds. So I solved this issue by renaming announcementsrss.php to announcementsrssi6567688.php and networkissuesrss.php to networkissuesrss245232324.php so now users can't access it or find it. But I realized that these become obsolete and unusable when we upgrade because the old files are placed back. Unfortunately there is no tpl for these files and these RSS files are encoded so the only way to fix it is to rename.... but when a new version comes out we need to manually delete the files or rename them again.... I would much rather have a good future-proofing method to solve this privacy bug once and for all. Is there a good method to stop/halt/delete/remove the RSS feeds forever?
  18. Hello, Due to recent hacks going around with whmcs, i wanted to investigate further and see if there was anything else that could be done to prevent getting hacked. I have easily found some information on the internet on how we were hacked by recent exploits in whmcs versions 5.2.3 and above. With sql injections its all easily done. We are now using two factor auth, and also following setups in this document to further secure the whmcs installation which will help. If you have not done so already i suggest you get it done a.s.a.p http://docs.whmcs.com/Further_Security_Steps I have found something that needs attention immediately, many attackers use google to search for sites to exploit using the inurl command, doing a search like this. whmcs inurl:clientarea.php will give plently of results and potential people to hack. One easy thing to do that i really cant believe has not been done or should at least be an option is to protect all whmcs files for being indexed, i mean if you cant find them in the first place then it is much harder to exploit in the first place ? <meta name="robots" content="noindex"> In the header template file will allow this feature to not show up on any Google result at all, no matter if its linked from external sites. Some people like to SEO Whmcs ? why i ask, its your billing system and probably the dumbest thing you can do especially since we all know its not exactly secure. If you want to SEO, use your blog or your main website to do the marketing your portal should be as protected and hidden as possible for your clients ONLY. It would be good to see this new option maybe in the GENERAL OPTIONS, SECURITY TAB in Whmcs. If anyone else has anything that can help with securing whmcs in general please share. EDIT: I also just found this option within WHMCS GENERAL SETTINGS -> OTHER TAB that should be unchecked. Tick this box to allow registration without ordering any products/services The most recent vulnerability in 5.2.10 allows someone that has access to the clientarea.php to use an SQL injection. By unchecking this basically means they will need to purchase something before becoming a client. Cheers Mitch
  19. If you are looking for the way to improve your security and your customers experience, our new module is a solution for you! ModulesGarden Password Manager For WHMCS as the name suggests allows to store and manage passwords in a convenient and safe way. Module lets you also decide who will have access to particular passwords. Another interesting functionality is possibility to integrate with your client area to allow your customers to view passwords shared with them and give them the opportunity to manage their own passwords. We made every effort to make Password Manager For WHMCS as flexible and easy to use as possible therefore this is a very handy tool for both you, your staff members and your clients. We are aware of fact that security is very important for each one of us. Therefore through usage of advanced two-way encryption mechanisms module offers high level security for your valuable data. Even if unauthrized person will gain access to your WHMCS or database, he will not be able to decrypt the data without your custom encryption key. Purchase Password Manager For WHMCS to easily manage your valuable data and significantly increase the level of data security in your company. Features Share Access Details With Multiple Clients Share Access Details With Administrators With Specific Admin Roles Store Personal Access Details Which Are Only Visible To You Stores Access Details In Encrypted Format Extended Permissions For Admin Role - Allow Access To All Non-Personal Passwords Revoke Access (Visibility) Of The Password From Clients/Administrators - With One Click Normal Administrators With 'Configure Addon Modules' Permission Are Unable To Change Extended Permissions Adding Note To The Password Provides A Colorized Display Of Access Details Within The Admin Area Links To The Website Or The Login Page Of The Password Displays Owner Of Password Additionally Easy Integration Multi-Language Support Supports WHMCS V5 and Later Module was created in cooperation with Star Network and Promotion Ltd. Click here for more information. Are You Interested? ✔ Order Password Manager For WHMCS Now! Do You Need More Information? ✔ Read More About Password Manager For WHMCS Are You Looking For Complete Documentation? ✔ Visit Password Manager For WHMCS Wiki Check Out Also Our Other Products: ✔ Rackspace Cloud Servers For WHMCS ✔ cPanel Manage2 For WHMCS ✔ DNS Manager For WHMCS ✔ cPanel Extended For WHMCS ✔ Rackspace Email For WHMCS ✔ Rackspace Email Extended For WHMCS ✔ Advanced Billing For WHMCS ✔ WWD GoDaddy Domains For WHMCS ✔ DirectAdmin Extended For WHMCS ✔ Google Apps For WHMCS ✔ Parallels Plesk Panel Extended For WHMCS ✔ Zimbra Email For WHMCS ✔ cPanel Pack For WHMCS ✔ Zendesk For WHMCS ✔ Resellers Center For WHMCS ✔ Liquid Web For WHMCS ✔ Liquid Web Load Balancer For WHMCS ✔ Storm On Demand For WHMCS ✔ Storm On Demand Load Balancer For WHMCS ✔ Storm Servers Billing For WHMCS ✔ SolusVM Extended VPS For WHMCS ✔ SolusVM Extended Cloud For WHMCS ✔ SolusVM Extended Reseller For WHMCS ✔ eNom Email For WHMCS ✔ Proxmox VPS For WHMCS ✔ Payment Gateway Charges For WHMCS ✔ MX Registrar For WHMCS ✔ NIC IT Registrar For WHMCS ✔ IP Manager For WHMCS ✔ Domains Reseller For WHMCS ✔ Parallels Cloud Server For WHMCS ✔ Proxmox Cloud For WHMCS ✔ Hosting Renewals For WHMCS ✔ Report Generator For WHMCS Coming Next: Product Linker For WHMCS - Module will allow you to combine two or more products together. In this way your customers will be able to order two products (or more) as a one product. For example a VPS server and a cPanel license (with cPanel Manage2 For WHMCS module) or two web hosting accounts on two separate servers, and so on. Possibilities are endless! DirectAdmin Licenses For WHMCS - Along with Product Linker For WHMCS module will allow you to automatically provision a DirectAdmin licenses for a client once he orders a product of your choice. For example a VPS Server with a DirectAdmin license. Parallels Key Administrator For WHMCS - Along with Product Linker For WHMCS module will allow you to automatically provision a Parallels licenses for a client once he orders a product of your choice. For example a VPS Server with a Parallels license. Do You Need Custom Software Development? ✔ Don't hesitate any longer! Contact us now! For more information about our promotions, products and company activity visit our Forums, Blog, Facebook, Twitter and Google+ ! ✔ Forums ✔ Blog ✔ Facebook ✔ Twitter ✔ Google+
  20. Security is vital within any business and is something that needs to be actively monitored. The File Monitor for WHMCS will scan your WHMCS files recognising when a file has been modified, created or deleted and then notify you via email. Features: Records files MD5 (and/or) SHA fingerprint Notification when file has modified Notification when a file has been created/uploaded Notification when a file has been removed/deleted For more information, screenshots and support, click here
  21. Using If This Then That (http://ifttt.com), a service that can trigger events based on circumstances we've made a recipe that'll send you an email whenever WHMCS adds a new blog post. Sign up to IFTTT here and get the recipe - https://ifttt.com/recipes/124486
  22. I noticed that several people recently posting about their WHMCS getting hacked. One thing that appears to be missing from all their recommendations is securing your server before it is hacked or after you have cleaned it up. This does not mean it won't be hacked, just less likely. Here is my list of 10 ways to make your WHMCS installation more secure. I am sure others on the forum can add to this list. Start here: http://docs.whmcs.com/Further_Security_Steps Once you have done there there are additional steps you can take. A couple of these items refer to cPanel Servers, but can also be done on other servers.* 1. Install Mod Security in Easy Apache. * Using the default rules are better than nothing, though additional rules are available. It can help block SQL injection attacks. 2. Install mod_geoip for apache, it is a custom module in Easy Apache. * Using this you can block countries you never do business with. Want to block the whole country of Florin, it's easy to do by adding a few lines in your .htaccess file, once mod_geoip is installed. 3. Secure the physical server. Only access files on it via SSH/SFTP and relocate the SSH port to something other than 22. 4. Use hosts.allow to prevent SSH access from all but specific locations. 5. Use the built if firewall or a physical firewall to lock the server down. If you never receive email on the server, block incoming port 110, 25, etc. Block port 21 (FTP) as it is insecure. Basically default to blocked for everything and then just open the ports you use. 6. Block all outbound ports except those you use. e.g. 80, 443, 25, New_SSH_Port, etc. 7. Install csf http://configserver.com/cp/csf.html it makes it easier to secure yout server. 8. Use certificates to connect to the server and set really strong passwords. 9. Block root login via SSH. 10. Backup your server and database files off the server. A good backup is like a parachute, if you don't have one when you need it, it's too late. Remember white hats need to be lucky 100% of the time, black hats only need to be lucky once.
  23. There seems to be a lack of detailed intel regarding the recent SQL injection attack affecting WHMCS 5.1 (prior to 5.2. & 5.2 (prior to 5.1.10). e.g., The post "October 3rd 2013 Security Patch Follow Up" poses the question " How do I know if I was affected?" but then completely fails to answer the question with any authority: So the question remains unanswered (i.e., "How do I know if I was affected?") as does the $64M question: "What should I do if I believe that I believe that my system has been compromised?" Thoughts? Ideas? Suggestions? Let's get some actionable, measurable ideas going here instead of the usual hyperbole, hand-wringing, and speculation that we're all used to on other forums. e.g., How do I know if my system was compromised? What leverage will the attacker have gained if my system was compromised? What should I do if my system was compromised?
  24. Hi, I just received a support ticket through my WHMCS installation which was a BASE64 type of attack or attempted attack. It came from this IP address 182.178.20.153 located in Pakistan which I have totally blocked through CSF, but after receiving email message. I have decoded the Base64 and below is the resulting code. I am running the latest version of WHMCS 5.2.5 on Centos 6.4 with WHM 11.38.1 and I had followed the instructions for securing WHMCS when doing the install by moving certain files out of the public directory, changing admin folder, etc. Is this a new attack that might compromise my WHMCS installation or data? or is version 5.2.5 already capable of blocking this attempt (I hope)? Here's the code: - Removed -
×

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated