Jump to content

OpenSSL Heartbeat bug - Force clients to change password

Recommended Posts


Some of you (if not all of you) have probably heard of the OpenSSL Heartbeat bug which allows an attacker to read some of the memory.

We were using one of the affected versions and are just done patching all servers. We want to force all clients to change their passwords, but how can this be done? Sending an email won't be enough, because some people never think they are affected, thus not changing the password.

Edited by DennisMidjord
Link to comment
Share on other sites



It would be useful if WHMCS had a module that could change all the cpanel passwords on the server, update WHMCS with the new password and send an email to the client advising them of what has been done.


It would also be useful if WHMCS had a module to force clients to change their passwords when they try to login to their accounts in the WHMCS software.


In view of some of the latest vulnerabilities that have been discovered, something like this would be most welcome.

Link to comment
Share on other sites

Its a down and dirty


You can always run the following in phpmyadmin ( Backup FIRST )

UPDATE `DATABASE NAME`.`tblclients` SET `password` = 'ghtyehdity3hr7';


this will force a password change then you can send an email that says WE forced your passeord to change, you need to login to your account and change it to something secure

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated