Jump to content
  • 0
caygri

Can i use for my business?

Question

Hello,

I have small company, i'm web agency and i see some my competitors use whmcs to manage client and project.

In the past i use sometimes whmcs but i dont if I can do all this things (I'm avaible to pay module):

  • generate contract and signup
  • client signup
  • client open ticket
  • client chat
  • chat conversation become a ticket
  • admin can send quote, client can accept or decline
  • admin create project for each client when accept a quote
  • in project there is a way to talk like a discussion, share document and files and sensitive data
  • write faq
  • integration wordpress for some area like user login, ticket area, quote, project
  • client can write email and open automatically a ticket in a dedicated categories like Quote
  • different client usergroup like client, possible customer
  • in ticket area, if admin request share sensitive data like cpanel, domain, plesk and ftp
  • invoice with sectional and automatic counter based on the sectional
  • invoice split payment, for example admin setup 50% in advance and 50% end of job

With WHMCS can i do all this?

Share this post


Link to post
Share on other sites

19 answers to this question

Recommended Posts

  • 0

Thank you for considering WHMCS! I can confirm that these items will be possible using a combination of WHMCS with our Live Chat and and Project Management addons,  If you have any specific questions about these addons, please feel free to reach out to our sales team at https://www.whmcs.com/submit-a-ticket/https://www.whmcs.com/submit-a-ticket/

Share this post


Link to post
Share on other sites
  • 0

I answer about what I know in my experience:

  • generate contract and signup   YES
  • client signup      YES
  • client open ticket      YES
  • client chat           with addon
  • admin can send quote, client can accept or decline     YES
  • write faq     YES
  • integration wordpress for some area like user login, ticket area, quote, project             STAY AWAY!!!! Keep your WP far away from your WHMCS!!!!
  • client can write email and open automatically a ticket in a dedicated categories like Quote             YES
  • different client usergroup like client, possible customer                 YES
  • in ticket area, if admin request share sensitive data like cpanel, domain, plesk and ftp                False problem: if you have a SSL certificate on your site, communication with ticket area are yet encrypted (so no need for fancy but useless obfuscated / encrypted fields). And when you have these data on your db, they will always be in "clear" amd uncrypted format...
  • invoice with sectional and automatic counter based on the sectional       Hummm... no. Or maybe just no "off the shelf"
  • invoice split payment, for example admin setup 50% in advance and 50% end of job           Yes, with a workaround

Share this post


Link to post
Share on other sites
  • 0

i have just started to try and integrate WHMCS with wordpress and its an absolute pain in the ass!! Find another way if you can. The two just don't integrate at all. I'm a fairly experienced php developer and its taken me 3 weeks to get the two working together and it still isn't working properly.......

Share this post


Link to post
Share on other sites
  • 0

ok for integration in wp but i'm not happy about project management! 

I try addon but not satisfied me...

Share this post


Link to post
Share on other sites
  • 0

any suggestion for project management?

i need something where i create project and client talk like a discussion

Share this post


Link to post
Share on other sites
  • 0

Don't worry, I know what I'm doing 😀

________________________________________

@caygri Il Project Management, benché a prima vista possa sembrare spoglio, fa tutto quello che credo ti serva. Crei i progetti, ci lavori, fatturi il tempo di lavorazione, comunichi tra lo staff nella chat riservata o anche con il cliente tramite il collegamento con i ticket e alleghi file. Il cliente dall'area clienti può non solo visualizzare tutte le fasi della lavorazione, i task ed il tempo impiegato ma anche aggiungere nuovi compiti. Se vuoi qualcosa in più puoi guardare questo modulo di Modulesgarden.

 

Edited by Kian

Share this post


Link to post
Share on other sites
  • 0

Kian thank you for your reply, I think is best talk in english! I'm Italian too 😄

I'm not looking for a task manager, i need to create a project inside the project i need discussion (like ticket) and file upload. That's all...

So When I open project i have all discussion or client comment about it. 

 

Share this post


Link to post
Share on other sites
  • 0

You can make it. Create a project an link it to a dedicated ticket. This way you can talk with your customer about that project, upload files etc. When you open the project in question you can always find the reference to the ticket. It's very intuitive to use.

Edited by Kian

Share this post


Link to post
Share on other sites
  • 0

I was talking about Project Management of WHMCS. I bet that it's possible also with the module of Modulesgarden but that's another story. Below you can see how it looks.

project-management.thumb.png.fcef3c1f3598d16f2166ceca06b7a279.png

Share this post


Link to post
Share on other sites
  • 0

i test i see it the ticket associate to project but for example, message area who read it? IF client can read i'm also happy. 

 

Share this post


Link to post
Share on other sites
  • 0

Messages (2nd tab in the screenshot) is for Administrators. Customers can't see messages posted there.

Share this post


Link to post
Share on other sites
  • 0
On 19/10/2018 at 4:26 PM, Remitur said:

I answer about what I know in my experience:

  • in ticket area, if admin request share sensitive data like cpanel, domain, plesk and ftp                False problem: if you have a SSL certificate on your site, communication with ticket area are yet encrypted (so no need for fancy but useless obfuscated / encrypted fields). And when you have these data on your db, they will always be in "clear" amd uncrypted format...

What!! So you would store un-encrypted passwords in your database tables too?

Sensitive data should always be stored encrypted in the database, so if it is ever compromised it cannot be read (think SQL injection attack...)

Share this post


Link to post
Share on other sites
  • 0
On 10/21/2018 at 12:47 PM, bendrop said:

What!! So you would store un-encrypted passwords in your database tables too?

Sensitive data should always be stored encrypted in the database, so if it is ever compromised it cannot be read (think SQL injection attack...)

Yes, I know, password are always to be stored encrypted in db, etc etc

Now, let's analyze it together:
1 - the user inserts a password in a ticket
2 - the content of the ticket is encrypted by SSL, and arrives encrypted to our server: no "man in the middle", no traffic sniffing...
3 - SSL decrypt the ticket, and so also the password, which is plain
4 - Do I need to encryt the password to store in on my server? Really?
Ok. And what key do I need to use to encrypt it? But, mostly important: WHO IS AUTHORIZED TO KNOW THAT KEY?
If your company is something different from a "one man company", you'll have a bunch of collaborators who will be authorize to retrieve that password... do I need to distribute that key to each of them? Well, but a key who is distributed to more then one is no more private but is a public key, so the encryption is useless... 😄

So: you need to protect your db, where you have not only that (temporary) password sent to you by your customer in a ticket, but a lot of other sensible data...

Because if anyone can violate your WHMCS db, you have big issues.... and that temporary password sent in a ticket is the last and less important of your problems... 😉    

Share this post


Link to post
Share on other sites
  • 0
On 23/10/2018 at 2:00 AM, Remitur said:

Yes, I know, password are always to be stored encrypted in db, etc etc

Now, let's analyze it together:
1 - the user inserts a password in a ticket
2 - the content of the ticket is encrypted by SSL, and arrives encrypted to our server: no "man in the middle", no traffic sniffing...
3 - SSL decrypt the ticket, and so also the password, which is plain
4 - Do I need to encryt the password to store in on my server? Really?
Ok. And what key do I need to use to encrypt it? But, mostly important: WHO IS AUTHORIZED TO KNOW THAT KEY?
If your company is something different from a "one man company", you'll have a bunch of collaborators who will be authorize to retrieve that password... do I need to distribute that key to each of them? Well, but a key who is distributed to more then one is no more private but is a public key, so the encryption is useless... 😄

So: you need to protect your db, where you have not only that (temporary) password sent to you by your customer in a ticket, but a lot of other sensible data...

Because if anyone can violate your WHMCS db, you have big issues.... and that temporary password sent in a ticket is the last and less important of your problems... 😉    

The key is kept in the php config file on the webserver - so WHMCS will transparently decrypt the data as it needs to be seen (this is how it works currently for the server passwords and credit card information)

Of course if your WHMCS is root compromised (so they can upload rogue php files) - then you're totally stuffed, but if it's a SQL injection, or just the mySQL server that is hacked - at least the sensitive data will stay safe.

Share this post


Link to post
Share on other sites
  • 0
On 10/26/2018 at 3:03 PM, bendrop said:

The key is kept in the php config file on the webserver - so WHMCS will transparently decrypt the data as it needs to be seen (this is how it works currently for the server passwords and credit card information)

If you use a single, local key, it's useless: if the server is compromised, also the key will be violated.
So, you need a second key, stored elsewhere... and the issue is: where? And who can get it?

BTW: protect a mysql server is much more easier than a web server: you know exactly what IP are authorized to access to that mysql server, what ports, what's the entity of traffic... you can inject whatever code you want in mysql, you'll be able to delete the data, but if you want to retrieve data from it you'll need to get control of a web server authorized to connect to it.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated