kenby Posted November 9, 2011 Share Posted November 9, 2011 Hi, today one hacker told us that the whmcs has been hacked and he provide us the configuration file content, previously our servers was being hacked and we didn't know what was the issue, we have contact whmcs and they advised us that we need to have our host review the server access logs to see what happened. the hacker told us that he could hack using the template folder ! he could also create user in whmcs! how to resolve this issue ? 0 Quote Link to comment Share on other sites More sharing options...
bear Posted November 9, 2011 Share Posted November 9, 2011 Is your WHMCS fully up to date? There was a patch recently released that addressed some issues that this sounds like might have been connected to. 0 Quote Link to comment Share on other sites More sharing options...
b.ahmed Posted November 9, 2011 Share Posted November 9, 2011 make sure you block the access to template directory, to do that make .htaccess file under yourmain public_html/ folder and add following code to it. Options -Indexes # Block Access To .tpl Files <Files ~ "\.tpl$"> Order allow,deny Deny from all </Files> For extended security visit following link: http://docs.whmcs.com/Further_Security_Steps 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.