Do you think there is a need for SSL on whmcs?

[nexthost]

I was just wondering if people think there is a need for SSL certs on the main page, since I use paypal/google checkout as the payment options and nothing for payment wise isn't secure, do you use it, or no? I have never actually setup SSL, how can I do it, I know I can generate one in cpanel or just purchase one if needed, but do you think it is really needed?

[mylove4life]

Id say yes... some could steal your user/pass and cause hell....

[nexthost]

I don't see how they are going to do that, the passwords are encrypted.

[openmind]

It does give an extra layer of trust which is why we have an EV cert on all our WHMCS pages...

[Damo]

Information you type into and submit when logging is isn't encrypted at all. It is when done over SSL. The same applies to your clients when they login.

 

We too use an EV SSL as it gives our clients a warm and fuzzy feeling on top of being verified.

[easyhosting]

An SSL is not only to secure payment details.

 

If you think, someone signs up giving their name, address, DOB etc. so without an SSL these details can be stolen and Identies cloned.

 

So as long as you are taking personal details of anyone yes you need an SSL, also some people will not order from you unless you have a secure site

[JofleyUK]

Has anyone got the problem sorted yet where WHMCS whines about SSL links in your client area on the main site. I know of 2 ppl in this post who have SSL and their client area has SSL Errors, meaning your Cert is wasted.

 

ie, click on client area, there are links on the page with http:// links so it disables ssl on the client area.

 

Gonna start messing with 301 redirects for main site pages to see if it makes mine any different.

[bear]

No issues on my own. Can you point to the page on yours where it's happening?

[JofleyUK]

its not happeneing on mine as i turned off SSL for the client area for a bit. This is what causes it. Your links in your own site navigation are set to http:// instead of https://

 

If you set them to relative links, ie "../index.html" then when you leave WHMCS your whole site's running under SSL.

[bear]

Your links in your own site navigation are set to http:// instead of https://

You will get a warning if you include files without https, or it might produce one if you're leaving SSL to non when you click it. Just having those URLs in a page will not generate warnings.

 

Show me some example page that has these warnings, and I'd be happy to have a look and see if I could explain it.

[JofleyUK]

OK, i have activated the https:// for my site. Now you wont get errors. but as soon as you come out of the client area, the whole site's in SSL now.

 

If I hard code my links for Home, Domains, Hosting etc etc to go to http:// in the whmcs client area then I will get an SSL content warning.

[GORF]

OK, i have activated the https:// for my site. Now you wont get errors. but as soon as you come out of the client area, the whole site's in SSL now.

 

If I hard code my links for Home, Domains, Hosting etc etc to go to http:// in the whmcs client area then I will get an SSL content warning.

 

Don't hardcode them that way. The system will automatically switch in and out of SSL.

 

If you want a link to Home - index.php - then just make the link [./index.php] not [http://www.something.xyz/index.php].

 

The same goes for image paths - ./images/whatever.jpg works like a charm.

 

This has been discussed and beaten to death numerous times here and elsewhere.

[bear]

If I hard code my links for Home, Domains, Hosting etc etc to go to http:// in the whmcs client area then I will get an SSL content warning.

 

Link to exactly where it's happening, please.

 

Don't hardcode them that way. The system will automatically switch in and out of SSL.

 

It appears it's a menu he's included into WHMCS, not a WHMCS native menu, but I'm just guessing as he still hasn't included a direct link or screen cap.