Get Paid to Participate - up to $1 per post!     Twitter     Facebook     Google+
Hosting Discussion
 

forgot password?



Reply


Old
  Post #1 (permalink)   10-05-2012, 11:55 AM
HD Wizard
 
Join Date: Mar 2005
Location: Atlanta, GA
Posts: 2,264

Status: handsonhosting is offline
A new WHMCS Security Alert has been issued today. It has to do with a gateway module called "Boleto". It is advised to change the permissions on the /modules/gateways/boleto/ folder or remove the folder if you don't need that module.


http://forum.whmcs.com/showthread.ph...Security-Alert
__________________
Emerson Nogueira
http://www.HandsOnWebHosting.com
cPanel Web Hosting, Domain Registration, Managed VPS Servers
 
 
The Following 3 Users Say Thank You to handsonhosting For This Useful Post:
agentblack (10-06-2012), Artashes (10-06-2012), easyhostmedia (10-07-2012)


Old
  Post #2 (permalink)   10-05-2012, 07:03 PM
HD Newbie
 
Join Date: Sep 2012
Posts: 37

Status: fliphost is offline
It appears that WHMCS is becoming a steady target for hackers these days.
__________________
FlipHost - Premium Web Hosting Solutions
24/7/365 Tech Support // 99.9% Uptime Guarantee // Free Site Move
Take your site to the next level with fliphost.com shared hosting solutions
 
 
 


Old
  Post #3 (permalink)   10-05-2012, 08:16 PM
HD Addict
 
Join Date: Apr 2011
Location: Varna, Bulgaria
Posts: 100

Status: rds100 is offline
It is a good idea to just delete / chmod 000 any modules which you are not using. Not just for payment gateways but also for registrars, etc.
 
 


Old
  Post #4 (permalink)   10-06-2012, 03:34 AM
HD Addict
 
Join Date: Jan 2012
Location: Indianapolis Indiana
Posts: 145

Status: agentblack is offline
Thanks for the heads up HandsOn! Always glad to see others looking out for each other.
__________________
Agent Black Web Hosting - Stop being an account number, come to the host who treats you like the individual you are. Offering Shared, Cloud Servers, Dedicated Servers, and Domain Name Registrations.
 
 
 


Old
  Post #5 (permalink)   10-06-2012, 07:24 AM
HD Guru
 
HostLeet's Avatar
 
Join Date: May 2009
Location: Florida, USA
Posts: 874

Status: HostLeet is offline
I got the notification from WHMCS about it this morning as well. Thanks for sharing.
__________________
HOSTLEET.COM, LLC - Elite Website Hosting Since 2008!
Fast Reliable Affordable Secure Friendly & Courteous
RISK-FREE Money Back Guarantee PCI-Compliant Checkout
 
 
 


Old
  Post #6 (permalink)   10-06-2012, 10:33 PM
HD Wizard
 
Join Date: Mar 2005
Location: Atlanta, GA
Posts: 2,264

Status: handsonhosting is offline
Yeah WHMCS was a little late with their emails. They had a posting on twitter and it was nearly 10 hours later that I received the email saying that there was an exploit. Always good to follow them on twitter!

As for them becoming a regular target - that's what happens when you're good. They've had their issues in the past, but it's still one of the best web hosting billing/support system out there.

I'll also second the statement from rds100 about removing modules - this should be true in any software package. People like to include various modules in software packages, but really, just remove anything you're not using, and if it's hard coded into a system, remove the code for faster speeds.
__________________
Emerson Nogueira
http://www.HandsOnWebHosting.com
cPanel Web Hosting, Domain Registration, Managed VPS Servers
 
 
 


Old
  Post #7 (permalink)   10-10-2012, 07:57 AM
HD Newbie
 
Join Date: Oct 2009
Location: wv
Posts: 40

Status: Kolten is offline
Yeah they tell you to delete the folder is your best bet from your directory.
__________________
HostFi - Affordable Hosting Solutions
Web Hosting Starting @$1.95/Month
cPanel, Instant Setup & 24x7 Phone Support
www.hostfi.com
 
 
 
Reply

Thread Tools

New Post New Post   Old Post Old Post
Posting Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Sponsored By: