Jump to content
Jbro

I am still with whmcs 6 final how long can I go on? need time

Recommended Posts

Before upgrading to 7 I need to do a lot , I have to make some changes I need at 6 months more before upgrading to 7

Right now I am final 6   is it safe?

 

 

Share this post


Link to post
Share on other sites

I know people that are still running 5.x for mysterious reasons. They're relatively fine because they have small and unknown websites and they're crazy too. I mean they're counting on luck.

That said, WHMCS will not explode but of course you should upgrade for obvious reasons (security).

 

 

Edited by Kian

Share this post


Link to post
Share on other sites

Thanks has there been any security issues with the Final Whmcs 6 ?

Share this post


Link to post
Share on other sites
8 minutes ago, Kian said:

I know people that are still running 5.x for mysterious reasons. They're relatively fine because they have small and unknown websites and they're crazy too. I mean they're counting on luck.

 

 

I'm unaware of any exploits in the wild for v5 that would justify the "small / unknown and crazy" or "being lucky" comments. 
The push to v7 is more to "stay modern" and up to date, but I can't recall seeing exploits being done against them or releases to address "bad things" while  was still actively supported. Have links?

Share this post


Link to post
Share on other sites
1 hour ago, bear said:

I'm unaware of any exploits in the wild for v5 that would justify the "small / unknown and crazy" or "being lucky" comments. 

Public exploits exists for WHMCS v5.
I think the security risk does not require any discussion. It's not just about public exploits, but also about things like CVE-2016-10033 (I know that this vulnerability is likely to be exploited with luck, but be that as it may).

3 hours ago, Jbro said:

Right now I am final 6   is it safe?

WHMCS v6 is EOL, thereforce i would not call it safe to use. However, I can not find any public exploits right away, but that does not mean that there are no non public exploits.
Longer LTS releases would be desirable, but I think that will not change in the future.

Share this post


Link to post
Share on other sites
1 hour ago, string said:

Public exploits exists for WHMCS v5.

Earlier versions, yes. Nothing past 5.2.8 on that site, not the last version in that branch (I believe), which was 5.3.17 (or so). If there were public exploits beyond that, I've not seen them. 😉 Doesn't mean there aren't any, naturally, but then again, there is just as much possibility of unpublished ones for more recent versions, even the latest (given it's complexity, and how hooks are being written by amateurs like myself). 

Clearly the OP needs to move on and bite the bullet at some point, but alarmist claims aren't needed, I'd suggest. 

CVE-2016-10033 is about PHPmailer,  not WHMCS. 😉

Share this post


Link to post
Share on other sites
1 hour ago, bear said:

CVE-2016-10033 is about PHPmailer,  not WHMCS. 😉

That is correct. But WHMCS uses several third party libraries, including PHPMailer (see the security advisory from WHMCS).
This CVE came to mind spontaneously as an example that the vulnerability does not necessarily have to be in the WHMCS core. Older WHMCS versions naturally contain older third party libraries 🙂

1 hour ago, bear said:

Nothing past 5.2.8 on that site, not the last version in that branch (I believe), which was 5.3.17 (or so).

My comment on this is more generally related to v5. I think that @Kian does not only refer to the "latest" v5 version.

Edited by string

Share this post


Link to post
Share on other sites
11 hours ago, string said:

WHMCS v6 is EOL, therefore i would not call it safe to use.

EOL is just WHMCS no longer supporting it, not a lethal klaxon warning. ⚠️

if v6 is working for you, and you're in good control of the server environment, then there's no real problems with it in the short-term... all versions of WHMCS have potential security issues, and there have already been security updates for v7, so there's no 100% guaranteed "safe" version.

always remember that while each new release adds new features, more importantly, it often removes features that you may currently be using (or need) - so never assume that upgrading is a win-win scenario.... weigh up each upgrade by testing thoroughly first.

14 hours ago, Jbro said:

Before upgrading to 7 I need to do a lot , I have to make some changes I need at 6 months more before upgrading to 7

by which time, the v8 beta will likely be out and the circus starts all over again. 🎪

if you get your license from WHMCS direct, you should get yourself a free developer's license, install v7.6.1 (or whichever release) and start working on the updates in your spare time... that will give you time to find what features have been removed and how to work around their absence.

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

By using this site, you agree to our Terms of Use & Guidelines