• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net

I'm looking for something more secure

Schmarvin

Cross Industries
NLC
Lately, I've been having a lot of people breaking into my WHMCS. I know its not my server security, because they would have locked me out of my server.

So, is there any software that does the same as WHMCS but is more secure?
 

jphilipson

New Member
Well, how are they breaking in? Are they using a password or a script exploit. Check the access logs for the site to see what they are doing. Sounds like it may be password sniffing or malware - do you always access with a secure URL?
 

eSupun

New Member
WHMCS is a well built billing system which has a very good security compared to other billing scripts. So I can't recommend you another beyond WHMCS.

I am wondering how these hackers get in?
Probably you haven't tweaked WHMCS to avoid hackers. Also this may happen if you have an outdated version of WHMCS.

If neither of my suggestions are working for you, contact WHMCS support and describe your situation. Maybe they can help you.

But, Ah!
There is one another billing system which can be compared to WHMCS. It's name is ClientExec. You can give it a try if you decided not to be with WHMCS anymore.
 

Schmarvin

Cross Industries
NLC
Well, how are they breaking in? Are they using a password or a script exploit. Check the access logs for the site to see what they are doing. Sounds like it may be password sniffing or malware - do you always access with a secure URL?
No external scripts were used. Access logs say a few breach attempts at brute entry. The IPs keep getting banned. There is no secure URL. As I have never needed one. None of the information is touched. :/ It seems someone just breaks in to change settings in the backend.

WHMCS is a well built billing system which has a very good security compared to other billing scripts. So I can't recommend you another beyond WHMCS.

I am wondering how these hackers get in?
Probably you haven't tweaked WHMCS to avoid hackers. Also this may happen if you have an outdated version of WHMCS.

If neither of my suggestions are working for you, contact WHMCS support and describe your situation. Maybe they can help you.

But, Ah!
There is one another billing system which can be compared to WHMCS. It's name is ClientExec. You can give it a try if you decided not to be with WHMCS anymore.
I will try to secure it again. But, I'm not sure what else to do. If all else fails, I may have to contact WHMCS directly. Also, I keep it up-to-date, so that should not be a problem. I try to keep on top of the situation. But, I guess since I've been away and without full contact to a computer daily, I probably need a better way of staying on top of security.
 

Tracker

PROFILE NOT FOUND
Staff member
NLC
You can get ssl's cheap from various domain providers... I like namecheap myself but most places have them for around $10~
 

Eric_HE

New Member
I'm surprised this issue,I agree that WHMCS is a well built billing system.With respect to ssl,I do not recommend it.As you mentioned brute entry,you can ban the IP if tried several attempts.
 

ExpertWebHost

Active Member
You may try any billing system and if it is without SSL, most probably your login details will be sniffed and you are susceptible to a hack. As a host we must have SSL in place to get the best of security for ourselves and our customers personal information.
 

Seanieb

New Member
a verified non chained RapidSSL cert is $15-20 a year. Peace of mind for you and your customers is worth a lot more than that.

Better password practices wouldnt hurt either.
 

HostPair

Member
Hi,

To increase your whmcs security rename your whmcs admin folder, then re-issue your license and use ssl.
 

~ServerPoint~

New Member
Lately, I've been having a lot of people breaking into my WHMCS. I know its not my server security, because they would have locked me out of my server.
I believe you need to use another pass only to be able to access there with more security.
 
Top