Jump to content
Kian

Watchdog for WHMCS - Detect Compromised Files & Intruders

Recommended Posts

Securing WHMCS

We're pleased to announce we're working on releasing our second free module for WHMCS. In case you missed the first, it's named Plesk Checker. It lets you quickly identify problems in the integration between WHMCS and Plesk.

This time we want to open source a script we used internally for years to help our customers to fix compromised installations of WHMCS. Here is the dashboard (click to enlarge).

whmcs-watchdog-dashboard.thumb.png.ff013d33c1a185f6b0209d8068c71149.png

Watchdog Features

The script performs file system integrity checks to detect:

  • Compromised files that could potentially threaten your core install (eg. malwares, files with injections)
  • Intruders. Unknown files that require your attention as they could be legitimate scripts of backdoors
  • Missing files that could cause unexpected errors
  • Anomalous and suspicious files buried deep within directories

You can inspect all findings to take the appropriate actions but the module can also be configured to automatically deal with such files.

whmcs-watchdog-file-inspection.png.74a9e4c610771cc41443814d32a7235c.png

The module verifies checksums of all .php files and performs checks every X hours. When a compromised file is detected, optionally the module can automatically take any of the following actions.

  • Neutralize file so that it can't be used to harm your system (quarantine)
  • Send notifications to selected administrators

Watchdog Settings

All settings can be changed from the following simple and intuitive interface.

whmcs-watchdog-settings-automation.thumb.png.d4ef5cd413d8373c82c8e1c64d37bd83.png

whmcs-watchdog-settings-notifications.thumb.png.baa9c4c3ad2fcdf42c36a777c49d2a3e.png

Please keep in mind that the module is not ready for use as we're still working on it. It won't take much time since we're "converting" a stand-alone script to make it work as a WHMCS Addon module.

Get Involved!

Follow the project on Github to send suggestions and be the first to use it once it will be ready for use!

Follow Us on Github

Looking for other free scripts? Take a look at our huge collection of Action Hooks and Reports for WHMCS.

Share this post


Link to post
Share on other sites

  • Similar Content

    • By HardSoftCode
      What is MailChimp?
      Mailchimp is an all-in-one Marketing Platform for small businesses. The vendor says its goal is to help small businesses market smarter so they can grow faster. Mailchimp aims to be the backbone for customer relationships, with AI-powered, user-friendly tools. Mailchimp is designed to put the audience at the center so users can send marketing emails and automated messages, create targeted ad campaigns, build landing pages, send postcards, facilitate reporting and analytics, and sell online. The vendor reports that millions of businesses and individuals - from community organizations to Fortune 100 companies - use Mailchimp to connect with their audience with the right message, at the right time, in the right place. Founded in 2001 and based in Atlanta, GA, Mailchimp has 1000+ employees and is privately held. Mailchimp Transactional Email enables developers to send hyper-personalized emails that reach inboxes.
      Why do you need MailChimp Mail Provider?
      The unofficial MailChimp Transactional (Mandrill) Mail Provider module give WHMCS the ability to send emails through MailChimp Transactional (Mandrill) SMTP service by going to Configuration > System Settings > General Settings > Mail tab > Click Configure Mail Provider and activate the MailChimp Mail Provider
      How it works?
      After activating the MailChimp Mail Provider module for WHMCS you need to register at MailChimp Transactional (Mandrill) website https://login.mailchimp.com/signup and get the API Key by navigate to the settings page of your transactional email account and look for the API keys section @ https://mandrillapp.com/settings then copy the API key after that enter the API key in the MailChimp Mail Provider module also you can test configuration before saving the API key.
      Features
      API Key Test configuration Configuration confirm message Error activity log For more details and screenshot visit the product page
      https://www.hardsoftcode.com/products.php?p=product&a=mailchimp-mail-provider
       
      What is MailJet?
      Mailjet is an email solution designed for both marketers and developers. Mailjet allows them to create, send, and track marketing and transactional emails via a user interface or APIs. Mailjet’s user interface is available in 5 languages (English, French, German, Spanish, and Italian) and enables marketing teams to create, test, and send emails. Its drag & drop email builder helps users create responsive emails. The user management and content locking enables companies to better control their brand image and accounts. Mailjet’s infrastructure can send up to 15M emails/hour (per user) via their Email API, even during peak sending periods. The proprietary architecture of Mailjet is based on low-level optimized code and a distributed cache strategy, which allows it to achieve the rapid processing. Mailjet is ISO27001 certified and GDPR compliant.
      Why do you need MailJet Mail Provider?
      The unofficial MailJet Mail Provider module give WHMCS the ability to send emails through MailJet SMTP service by going to Configuration > System Settings > General Settings > Mail tab > Click Configure Mail Provider and activate the MailJet Mail Provider
      How it works?
      After activating the MailJet Mail Provider module for WHMCS you need to register at MailJet website https://app.mailjet.com/signup and get the REST API by navigate to Account settings > Master API Key then copy the API key and secret information after that enter the API information in the MailJet Mail Provider module also you can test configuration before saving the API key.
      Features
      API Key and secret Test configuration Configuration confirm message Error activity log For more details and screenshot visit the product page
      https://www.hardsoftcode.com/products.php?p=product&a=mailjet-mail-provider
       
      What is SendPulse?
      SendPulse is an integrated messaging platform providing user communication that includes emails, SMS, Web Push, SMTP and more. This solution includes 15,000 free emails per month. SendPulse also includes tools to manage users. This solution can be used on all devices. SendPulse is a cloud-based marketing solution that allows users to manage email, text messaging and push notifications through a single platform. It is suitable for small and midsize businesses. SendPulse's email features allows users to set up emails with a drag-and-drop editor and ready-made templates.
      Why do you need SendPulse Mail Provider?
      The unofficial SendPulse Mail Provider module give WHMCS the ability to send emails through SendPulse SMTP service by going to Configuration > System Settings > General Settings > Mail tab > Click Configure Mail Provider and activate the SendPulse Mail Provider
      How it works?
      After activating the SendPulse Mail Provider module for WHMCS you need to register at SendPulse website https://sendpulse.com and activate REST API by navigate to Account settings > API then setup the API to get the ID and Secret information after that enter the API information in the SendPulse Mail Provider module also you can test configuration before saving the API key.
      Features
      API ID and secret Test configuration Configuration confirm message Error activity log For more details and screenshot visit the product page
      https://www.hardsoftcode.com/products.php?p=product&a=sendpulse-mail-provider
    • By HardSoftCode
      Allow your staff to change the user password by entering a new password and send it to the user so that he can login. You may get an email from a user asking you to change his password but WHMCS starting from version 8 admin will not have the ability to change the user password from the admin area that’s why we created the change user password module it will allow the admin to go to the client > manage users form the manage user drop-down menu you can select change password.
      Features
      Change password form clients > manage users Change password from client profile > users tab Send email notification to the user Email template One click to change password For more details and screenshot visit the product page
      https://www.hardsoftcode.com/products.php?p=product&a=change-user-password
    • By ModulesGarden
      With the new Beta version of WHMCS 8.0 on the loose, we are going to great lengths to make all our modules work spotlessly in the updated system, and this can only mean diligent compatibility tests followed by the set of refreshments introduced to each product. As a matter of fact, quite a few of them are already confirmed to work flawlessly in the Beta environment, these are:
      Asterisk VoIP Center For WHMCS - v1.2.16 Client Area Designer For WHMCS - v1.1.6 Client Area Popup For WHMCS - v1.2.6
      We have ensured several ways for you to easily supervise the ongoing progress:
      Monitor daily the official Forums thread – this is the go-to place to find out the compatibility status of any module available in our offer. Enter our Product Marketplace and seek products labelled with the green “WHMCS V8.0” tag. Follow closely our Facebook and Twitter profiles as we issue regular posts on each new version of our software.
      On a further note, please bear in mind the WHMCS V8.0 release is yet in the Beta phase. We strongly advise you to refrain from installing any of our modules in this new environment until they receive due optimizations.



      Need Custom Software Development For Your Business?
      Get Your Free Quote Now! Specially for you we will adapt an application and its design to your own needs, create a new module or even a completely new system built from scratch!
    • By sokalsondha
      Hello everyone.
      i hope everyone is doing great. i need again some help from the community. hope someone correct my invoicepdf tpl file so it can complete my demand.
      i have done some modify but  i can't understand how to fix some more.
       
      i want to make my invoice like this

       
      and this is my current code. its already modified mostly
       
      <?php
      # Logo
      $logoFilename = 'placeholder.png';
      if (file_exists(ROOTDIR . '/assets/img/logo.png')) {
          $logoFilename = 'logo.png';
      } elseif (file_exists(ROOTDIR . '/assets/img/logo.jpg')) {
          $logoFilename = 'logo.jpg';
      }
      $pdf->Ln(5);
      $pdf->SetFont($pdfFont, 'B', 15);
      $pdf->SetFillColor(255);
      $pdf->SetFont($pdfFont, '', 16);
      $pdf->Cell(100, 6, "My Bill Summary", 0, 1, 'L', '1');
      $pdf->Image(ROOTDIR . '/assets/img/' . $logoFilename, 120, 25, 75);
      # Company Details
      $pdf->SetXY(15, 70);
      $pdf->SetFont($pdfFont, '', 13);
      foreach ($companyaddress as $addressLine) {
          $pdf->Cell(180, 4, trim($addressLine), 0, 1, 'R');
          $pdf->SetFont($pdfFont, '', 9);
      }
      if ($taxCode) {
          $pdf->Cell(180, 4, $taxIdLabel . ': ' . trim($taxCode), 0, 1, 'R');
      }
      $pdf->Ln(5);
      # Clients Details
      $pdf->SetXY(15, 70);
      $pdf->SetFont($pdfFont, 'B', 10);
      $pdf->SetFont($pdfFont, '', 9);
      if ($clientsdetails["companyname"]) {
          $pdf->Cell(0, 4, $clientsdetails["companyname"], 0, 1, 'L');
          $pdf->Cell(0, 4, Lang::trans('invoicesattn') . ': ' . $clientsdetails["firstname"] . ' ' . $clientsdetails["lastname"], 0, 1, 'L');
      } else {
          $pdf->Cell(0, 4, $clientsdetails["firstname"] . " " . $clientsdetails["lastname"], 0, 1, 'L');
      }
      $pdf->Cell(0, 4, $clientsdetails["address1"], 0, 1, 'L');
      if ($clientsdetails["address2"]) {
          $pdf->Cell(0, 4, $clientsdetails["address2"], 0, 1, 'L');
      }
      $pdf->Cell(0, 4, $clientsdetails["city"] . ", " . $clientsdetails["postcode"], 0, 1, 'L');
      $pdf->Cell(0, 4, $clientsdetails["country"], 0, 1, 'L');
      if (array_key_exists('tax_id', $clientsdetails) && $clientsdetails['tax_id']) {
          $pdf->Cell(0, 4, $taxIdLabel . ': ' . $clientsdetails['tax_id'], 0, 1, 'L');
      }
      $pdf->Ln(10);
      $pdf->Ln(10);
      $pdf->Ln(10);
      # Header Bar
      /**
       * Invoice header
       *
       * You can optionally define a header/footer in a way that is repeated across page breaks.
       * For more information, see http://docs.whmcs.com/PDF_Invoice#Header.2FFooter
       */
      $pdf->SetFont($pdfFont, 'B', 15);
      $pdf->SetFillColor(239);
      $pdf->SetFont($pdfFont, '', 12);
      if ($customfields) {
          foreach ($customfields as $customfield) {
              $pdf->Cell(125, 6, $customfield['fieldname'] . ':                                                            ' . $customfield['value'], 0, 1, 'L', '1');
          }
      }
      $pdf->Cell(125, 6, "Invoice Number " . ':                                                               ' . $invoiceid, 0, 1, 'L', '1');
      $pdf->Cell(125, 6, "Bill Issue Date" . ':                                                              ' . $datecreated, 0, 1, 'L', '1');
      $pdf->Cell(125, 6, "Billing Period" . ':                                                              ' . $datecreated, 0, 1, 'L', '1');
      $pdf->Ln(10);
                                           
      $startpage = $pdf->GetPage();
      # Invoice Items
      $tblhtml = '<table width="70%" bgcolor="#ccc" cellspacing="1" cellpadding="2" border="0">
          <tr height="30" bgcolor="#efefef" style="font-weight:bold;text-align:center;">
              <td width="80%">' . Lang::trans('invoicesdescription') . '</td>
              <td width="20%">' . Lang::trans('quotelinetotal') . '</td>
          </tr>';
      foreach ($invoiceitems as $item) {
          $tblhtml .= '
          <tr bgcolor="#fff">
              <td align="left">' . nl2br($item['description']) . '<br /></td>
              <td align="center">' . $item['amount'] . '</td>
          </tr>';
      }
      $tblhtml .= '
          <tr height="30" bgcolor="#efefef" style="font-weight:bold;">
              <td align="right">' . Lang::trans('invoicessubtotal') . '</td>
              <td align="center">' . $subtotal . '</td>
          </tr>';
      if ($taxname) {
          $tblhtml .= '
          <tr height="30" bgcolor="#efefef" style="font-weight:bold;">
              <td align="right">' . $taxrate . '% ' . $taxname . '</td>
              <td align="center">' . $tax . '</td>
          </tr>';
      }
      if ($taxname2) {
          $tblhtml .= '
          <tr height="30" bgcolor="#efefef" style="font-weight:bold;">
              <td align="right">' . $taxrate2 . '% ' . $taxname2 . '</td>
              <td align="center">' . $tax2 . '</td>
          </tr>';
      }
      $tblhtml .= '
          <tr height="30" bgcolor="#efefef" style="font-weight:bold;">
              <td align="right">' . Lang::trans('invoicescredit') . '</td>
              <td align="center">' . $credit . '</td>
          </tr>
          <tr height="30" bgcolor="#efefef" style="font-weight:bold;font-size:14px;">
              <td align="right">' . "Total Amount Due" . '</td>
              <td align="center">' . $total . '</td>
          </tr>
      </table>';
      $pdf->writeHTML($tblhtml, true, false, false, false, '');
      $pdf->Ln(5);
      if ($status == 'Unpaid'){
      $html = "<h2 style=\"color:red;\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Please pay by ${duedate} </h2>";
      $pdf->writeHTML($html, true, false, false, false, '');
      $pdf->Ln(10);
      $pdf->SetFont($pdfFont, 'B', 15);
      $pdf->SetFillColor(239);
      $pdf->SetFont($pdfFont, '', 10);
      $pdf->Cell(125, 6, "Failure to pay your account in full may result in loss of service.", 0, 1, 'L', '1');
      $pdf->Cell(125, 6, "Reactivation of your service could take up to 7 days and will incur a fee. ", 0, 1, 'L', '1');
      $pdf->Ln(10);
      }
      # Notes
      if ($notes) {
          $pdf->Ln(5);
          $pdf->SetFont($pdfFont, '', 8);
          $pdf->MultiCell(170, 5, Lang::trans('invoicesnotes') . ': ' . $notes);
      }
      /**
       * Invoice footer
       */
      ============================
      can someone please correct the code so my pdf invoice will be looks same like the image i provide
       
       
      thanks everyone and plesae stay safe
    • By Carlos Henrique
      I am working on a VPN service and plan to use WHMCS as follow:
      VPN server will be configured as WHMCS servers and the user have access to all of then. The users will be authenticated on the server by a certificate signed by the service root CA. WHMCS will have a provision module that generates a certificate whenever a new subscription is active. WHMCS will have a provision module to install and monitor VPN services on the servers. User should be able to request the download certificate from the server via API and client area. In this scenario, the following features are good to have, need to confirm if it is possible:
      To generate the certificate, the user should send a CSR to WHMCS so it return a valid certificate. Each user might have a limited, plan based, number of certificates, to use on different devices for example. I would like to know if my understanding of WHMCS is correct and use it is possible to use it as I planned.
      Thanks. :)
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated