FIREWALL Module for WHMCS - Security, Auditing & Secure Backups!! +WHMCS Forum Only - Discount Code

[PropelMWS]

- What is WHMCS Firewall?

 

It is a web application firewall, intrusion detection system, offers secure backups (Amazon S3 and Dropbox), automated alerting, auditing and more WHMCS Security addon to protect your WHMCS billing and customer management system.

 

- Why purchase our WHMCS Security module?

 

Our WHMCS Firewall module provides security, auditing and SECURE offsite backup features that are not included in WHMCS.

 

WHMCS provides very powerful server automation, billing and customer management but it lacks advanced security options. We have used WHMCS for many years and do not plan on switching so we just decided to solve the security part on our own and are now making our security module available to other WHMCS users.

 

*If you care about protecting the system that powers your billing, server automation, client support, company reputation, etc. then purchase our Security module. No hard sale here.. Either you care about security or you don't

 

- Is WHMCS Firewall compatible with WHMCS v6?

 

Yes, compatible with WHMCS 5.x and 6.x (Select your correct version during checkout)

 

- What features are included in WHMCS Firewall?

 

The WHMCS Firewall module adds the following security features to WHMCS.

 

Web Application Firewall + IDS – Htaccess based firewall, pre-loaded rules and notifications to keep you updated on the latest threats to your WHMCS website.

 

Amazon S3 Backups – Allows secure offsite backups (manual or scheduled) to your Amazon S3 file storage account. – MAJOR

 

Dropbox Backups – Allows secure offsite backups (manual or scheduled) to your linked Dropbox account. – MAJOR

 

*As you already know, insecure FTP and Email are the only two current WHMCS backup options. S3 is the preferred route and we give you a step by step tutorial on how to setup your S3 bucket and permissions.

 

File Auditing – Know when your Core WHMCS files or any files under your WHMCS installation change. – MAJOR

 

Settings Auditing – Alerted when key WHMCS settings change which can be signs of a silent hack.

 

Admin Auditing – Alerted when admin details change (including password hash) or a new admin is added or existing admin removed.

 

Products Auditing – Alerted when products are added, edited or removed. Such as price change and ability to “RollBack” any incorrect edits.

 

Payment Gateway Auditing – Alerted when payment gateways are added, edited (IMPORTANT) or removed. And ability to “RollBack” any changes.

 

Addons Auditing – Alerted when addons are added, edited or removed. Such as price and ability to “RollBack” any incorrect changes.

 

Cloudflare Integration – Link to your Cloudflare account via API to instantly sync WHMCS banning and auto-expire actions to your entire Cloudflare network. > SWEET

 

Autoban Honey Pot – Hackers check certain WHMCS urls first. Such as /admin/ Knowing this you can Autoban from WHMCS and optionally sync that Autoban to Cloudflare. > Getting excited yet??

 

Customized Reporting – Silence specific security alerts, customize which admins or custom emails and how often you receive security alerts.

 

Whitelist modules - Concerned that one of your existing modules may be affected by the security rules added by this module? First, it will likely not (99.99%). Second, Whitelist the module using our Addon module scanner and whitelist feature. (Yes, we did think of just about everything)

 

24/7 Support – You are not a Security expert, you are a business owner with things to do, servers to fix and customer support tickets to answer. We are here to help 24/7. You focus on growing your business – we will focus on keeping your WHMCS secure.

 

Actively Maintained – Online threats, WHMCS, LAMP and many other factors change frequently. Rest assured we actively update our security module. "Update Available" feature also built in.

 

Many more features – There are too many features of WHMCS Firewall to list. After you purchase you will have full access to the WHMCS Firewall User’s guide located at https://whmcssecurity.com/

 

Like I said, we Love and have used WHMCS for many years. We created this security module for internal use and it has worked great. We have now decided to release it for public sale so other WHMCS users can benefit and protect themselves with the added security provided by our WHMCS Firewall Addon.

 

What is your website and where can I purchase the module?

 

Our website is https://whmcsFirewall.com

 

I love discounts.. can I have a discount code?

 

Yes, you sure can. We have a very Exclusive and special offer for fellow forum members..

 

50% Off (Monthly, Owned or Enterprise License) - Use code WHMCSFORUM50 **Expires 9/7/2015**

 

25% Off (Monthly, Owned or Enterprise License) - Use code WHMCSFORUM25 **Expires 9/15/2015**

 

10% Off (Monthly, Owned or Enterprise License) - Use code WHMCSFORUM10 **Never Expires**

 

> AND a Free Trial is also available... What are you waiting for?? Go try it out!!

https://whmcsfirewall.com

 

**The 50% off discount code is a once in a Lifetime only deal. I promise you will NEVER (EVER) see it again here or on any other website once it expires, so I suggest you take advantage of it!

 

LAST QUESTION,

I am kind of busy with hosting and helping my clients.. can you save me time and install this security module for me?

 

Yes, you can select the "Module Installation and configuration" option during checkout.

 

Also, all of our plans (even the Free Trial) come with support so open a ticket with any questions. We Really enjoy interacting with our customers, talking about our module and security. So we look forward to reading your tickets!

 

Nothing is perfect in this world, so feedback and recommendations are always welcomed! Help us make a better and safer WHMCS by trying & giving your feedback to our WHMCS Firewall Security Module.

 

https://whmcsFirewall.com

Edited August 31, 2015 by PropelMWS

[Si]

The promotion code you entered has been applied to your cart but no items qualify for the discount yet - please check the promotion terms

[PropelMWS]

Hello, looks like you tried to apply the discount code to a Free trial which would indeed give that error message. I see you got it applied to an Owned license correctly and received the 50% discount. Thanks for supporting WHMCS Firewall!

 

Best,

Trevor~

[Si]

Hello, looks like you tried to apply the discount code to a Free trial which would indeed give that error message. I see you got it applied to an Owned license correctly and received the 50% discount. Thanks for supporting WHMCS Firewall!

Trevor~

 

Thanks for the reply. What I was doing was upgrading from the free trial to the owned license. You need to tick the box 'Enable for Product Upgrades' on the promotions page.

 

Because you hadn't applied this, I had to order a new package and bypass the upgrade option. Cheers

[PropelMWS]

Thanks for the clarification. Yes that upgrade from Free Trial + promotion code method would be ideal but it had to be left turned off on purpose because of how our Reseller branded license keys automation and encoding works. Long story but I will work on making that upgrade with a discount code process easier! Thanks for the feedback

 

Best,

Trevor~

[Si]

Just an update. Started getting complaints from customers that they couldn't reset their login details and change passwords. So I disabled the script and had to manually remove the code from the .htaccess files to get it back working again.

[PropelMWS]

Thanks, I just updated your support ticket with the steps to resolve that problem for your specific WHMCS version.

 

*Also, you do not have to manually remove any of the .htaccess code

 

> When you first activate the module the User's Guide (https://whmcssecurity.com/) says click "Backup" before activating the different Firewall rules.

 

*Once you click "Backup" then you will see the option to click "Restore" to restore the original files. We realize that for each server configuration (DSO, SuPHP, FastCGI, PHP version, other addon modules installed, etc.) certain rules could cause a problem. So we have made it very easy to test and roll back any of the rules or features of this firewall. No manual work is required.

 

The page to read is: https://whmcssecurity.com/whmcs-firewall-rules/

 

Also, https://whmcssecurity.com/whmcs-firewall-initial-backups/ (Tells about the "Baseline Backups" before you begin that I was talking about in the sentences above).

 

Please feel free to open a support ticket and ask about any feature before using it or read through the User's Guide for details and then let us know if still have any questions after.

 

*Use the email address you purchased with when registering for full access to the User's Guide. The system already see's your order and will allow you to. Please open a support ticket with any questions.

 

Best,

Trevor~

[Si]

I've requested a refund on this by ticket. I've totally removed it, and the cron jobs from my server. Look forward to hearing from you.

 

UPDATE: Refund received with thanks.

Edited September 1, 2015 by Si
Refund update

[PropelMWS]

Hello Si, you will always here from us. We are here long term, not here today gone tomorrow.

 

I am happy to hear your refund request was updated to your satisfaction.

 

We will be posting links to a v5.3.14 Full demo and v6.0.2 Full demo on the forum today or tomorrow so I encourage you to test those out and test any features you like.

 

As always, Thank You for trying WHMCS Firewall.

 

Best,

Trevor~

[easyhosting]

I removed the trial as it kept notifing me

 

[TABLE=class: w580, width: 580]

[TR]

[TD=width: 580]

Notification For 5G Blacklist Rule In Htaccess - Danger5G Blacklist Rule is not added to your htaccess file. Please add this rule to make your WHMCS more secure.

[/TD]

[/TR]

[TR]

[TD=width: 580][/TD]

[/TR]

[/TABLE]

---

[TABLE=class: w580, width: 580]

[TR]

[TD=width: 580]

Notification For Block Proxy Server Rule In Htaccess - MonitorBlock Proxy Server Rule is not added to your htaccess file. Please add this rule to make your WHMCS more secure.

[/TD]

[/TR]

[/TABLE]

 

when these were added to the htaccess file

[PropelMWS]

Hello easyhosting,

 

I have not personally seen (I get emailed by multiple installations everyday) nor had that problem reported. Please feel free to test on the demo when posted.

 

Thanks for the update on your experience.

 

*If you do decide to purchase a license after trying the demo, then I would highly recommend paying the small $20 fee for Installation and configuration. Will make your life much easier as this is a very complex security module.

 

Best,

Trevor~

[easyhosting]

Hello easyhosting,

 

I have not personally seen (I get emailed by multiple installations everyday) nor had that problem reported. Please feel free to test on the demo when posted.

 

Thanks for the update on your experience.

 

*If you do decide to purchase a license after trying the demo, then I would highly recommend paying the small $20 fee for Installation and configuration. Will make your life much easier as this is a very complex security module.

 

Best,

Trevor~

 

well i followed the installation instructions and double checked them. i dont think i will be purchasing the module as the trial was enough for me.

[PropelMWS]

Thanks for the follow up reply easyhosting,

 

I am not surprised by your outcome, Since I see you did not register or login to the online User's Guide website...

 

This Security module is definitely a "I have time to read or will pay for the installation + configuration" nothing in-between..

 

Sort of like when the "check engine" light comes on in your car.. You do not grab a box of tools and presume turning all the bolts round and round in the engine will magically fix it..

 

Again, seriously though. "Thank You" for trying out the module and giving your feedback. It is not a security module meant for everyone, that is for sure. You only get out what you put into Security and not even reading the User's Guide.. Well.

 

Thanks for the update on your experience.

 

Best,

Trevor~

[easyhosting]

Thanks for the follow up reply easyhosting,

 

I am not surprised by your outcome, Since I see you did not register or login to the online User's Guide website...

 

This Security module is definitely a "I have time to read or will pay for the installation + configuration" nothing in-between..

 

Sort of like when the "check engine" light comes on in your car.. You do not grab a box of tools and presume turning all the bolts round and round in the engine will magically fix it..

 

Again, seriously though. "Thank You" for trying out the module and giving your feedback. It is not a security module meant for everyone, that is for sure. You only get out what you put into Security and not even reading the User's Guide.. Well.

 

Thanks for the update on your experience.

 

Best,

Trevor~

Yes i did read the user guide, its bad business to tell someone they never did only to try and get more money from them by getting them to have you install it.

you do yourself no favours treating clients and prospective clients this way.

[PropelMWS]

Hello easyhosting,

 

Sorry if you took my reply personal. It was not my intention.

 

I am not sure what $20 gets you in the UK.. but I can promise you it gets "almost nothing" in the USA. So clearly I am not "trying to get more money by getting to install it". I will not be "Getting Rich" from $20 installs.. on the contrary actually.

 

There are just certain things that cannot be done easily unless you are very experienced in it is all I am saying.. I did not make that rule, it is just life. It is also the reason why you are able to make money as a web host.. If everyone thought they could "do it themselves" then.. why pay some else for hosting so they can "Get Rich" off me..?

 

But again, (and I really mean it), Thank you for trying WHMCS Firewall and I appreciate your initial feedback.

 

Best,

Trevor~

[easyhosting]

Hello easyhosting,

 

Sorry if you took my reply personal. It was not my intention.

 

 

so this was not personal

 

 

 

I am not surprised by your outcome, Since I see you did not register or login to the online User's Guide website...

 

 

[PropelMWS]

Our WHMCS Firewall Demo is now live.

 

WHMCS v6.0.2 + WHMCS Firewall 3.0.6 (Latest version of both as of 9/10/2015)

 

http://v6-0-2.whmcsfirewall.org/v602demoAdmin/

u = v602whmcsFIREWALLdemo

p = v602demoPassword

 

We have also extended our 50% discount offer to give members more time to try the demo and Free Trial!

 

Best,

Trevor~

[JFOC]

Staff are able to read this ?

 

<?php

$license = 'Leased-4161f9580ecce7a07045';

$db_host = 'localhost';

$db_username = 'firewdem_v602usd';

$db_password = 'v602demoPassword';

$db_name = 'firewdem_v602demoDB';

$cc_encryption_hash = '3jj5ye4rYkYSB3TxvdH1Slm2V7abFkpyuytSCo9rzX90RTodXW4F8hyTfyUKI992';

$templates_compiledir = "/home/firewdemo/templates_c/";

$mysql_charset = 'utf8';

$customadminpath = "v602demoAdmin";

$attachments_dir = "/home/firewdemo/attachments/";

$downloads_dir = "/home/firewdemo/downloads/";

[PropelMWS]

Hello JFOC,

 

Congrats, I see you have discovered the "Visual configuration.php" file editor feature. (very useful for those who do not know!!)

 

"A Full WHMCS Administrator" is the only one that can read that or access the WHMCS Firewall module at all for that matter..

 

Your "Staff" (Aka outsourced support, customer service, or people who have no business having FULL access to your WHMCS) should (Must) for many many reasons be created their own WHMCS roles (which will not have access to WHMCS Firewall, your payment gateway settings in WHMCS? your database backup and download feature in WHMCS? etc.

 

Please let me know if you have any additional questions.

 

Best,

Trevor-

[PropelMWS]

Released version 3.0.7 with full WHMCS v6.1.1 compatibility.