Jump to content

V4.1 Feedback

Ashley

By Ashley
in Feedback

 Share

Recommended Posts

  • Replies 95
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

ozace Member

ozace

Posted
Posted

Just want a list of changed modules/templates - should only be a few in the full module from the beta - I am quite comfortable with re-installing, but have made a number of changes in the system and want to make sure my changes don't impact on needed upgrades.

 

I could certainly do the compare but would have expected that anyone who went through the beta would also like to know the differences and why would we re-invent the wheel and all do the comparison ?

 

cheers

 

Jim

0
Link to comment
Share on other sites
  • WHMCS CEO
Matt Senior Member

Matt

Posted
  • WHMCS CEO
Posted

Hi,

 

If you were running the 4.1 beta previously, you should just update all the encoded files - as you can't customise those you won't lose anything you've done. Templates don't need any updates from beta to stable.

 

Matt

0
Link to comment
Share on other sites
thehost5968 Senior Member

thehost5968

Posted
Posted

Becoues you should never rely only on a change logas that is just bad practice. So if one of your clients came to you to upgraded there site would you just read the change log then just upload the upgrade or would you not read the change log then do the upgrade by compare?

0
Link to comment
Share on other sites
ozace Member

ozace

Posted
Posted

I was trying to save myself time in comparing everything - the key answer that I got from Matt will do that for me - no template changes. Now I need to update just the modules that are shown in the 4.0 to 4.1 upgrade Wiki

 

Jim

0
Link to comment
Share on other sites
thehost5968 Senior Member

thehost5968

Posted
Posted

resets all passwords? you mean it changes all the P/W of the client's.

I now it is only done and used by admin but I see this as a big Security hole for hacker to go for.

 

as it is already not hard to find site that use WHMCS just with one google search I can find about 100 to 200 site's that use WHMCS so i will upgraded when we can ether remove it or it is just not there. Shame the new version looks good but not to good to just put up with this

0
Link to comment
Share on other sites
  • WHMCS CEO
Matt Senior Member

Matt

Posted
  • WHMCS CEO
Posted

Hi Simon,

 

Why is it a security risk in your opinion? If a hacker has gained access to your admin area to be able to switch the new MD5 pw setting on or off then you've already been compromised so the hacker has access to all your data anyway. Just being able to find an install does not mean you can hack into it and the addition of this option doesn't make it any more or less secure. Although of course we still don't recommend using the non-md5 option but lots of users demanded it back when V4 was released without it.

 

Matt

0
Link to comment
Share on other sites
thehost5968 Senior Member

thehost5968

Posted
Posted

Couse the new MD5 pw setting on or off could now be the prize for them to try to. and to my knowledge there is not a billing script with this option in it or if it has it, it is only a option given only once and that is in the install or upgraded step's and is not a switch but just a set-up option.

 

Also just think if you had a worker in there last week and on there last day they got to that switch and changed it ! now I would have all my clients with new PW and it would be a hell sortting it all out as for the most of us are client change (like they should) these pre-set PW.

 

So all I ask is if I / others need could we put in a support ticket in for you to supply the page the switch is showing on in admin but without the option showing on it.

 

Also why the users that requested this could not just do as 99% of all Good host's do and ask the client to supply the login details as and when is just beyond me or have had this as a addon.

0
Link to comment
Share on other sites
thehost5968 Senior Member

thehost5968

Posted
Posted

But - if customers always paid for goods we would never have shop lifters.

 

But - if works where good they would never take money from the till.

 

Is it not best to remove the source of a but then to say but it should not or if only!

 

Come on we all have used the boss's details some time in the past or seen the detail.

0
Link to comment
Share on other sites
baileysemt Junior Member

baileysemt

Posted
Posted

No Simon, that doesn't justify your request. If you are running a tight ship and have things set up properly, your employees do not have your (the boss's) login credentials.

 

I run multiple installations of this software, and we have gone through the hassle of making sure everyone has ONLY the permissions/access they are supposed to have. But as a result we don't have to worry about an employee breaking the system or deleting data.

 

The proper response is, get serious about YOUR security, and set YOUR installation and people up correctly.

 

Software developers should not cripple the software to accommodate customers' sloppy security practices!

 

B.

0
Link to comment
Share on other sites
Speedy059 Senior Member

Speedy059

Posted
Posted

I just don't see the big issue. Once someone has full access to your billing software, i'm sure they'll be going through all the support tickets and clients information looking for server information for them to use. I don't think they'll care about passwords as much as server information.

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept