«
»

Securing WHMCS

From WHMCS: WHMCS is a complete all-in-one client management, billing & support solution primarily designed for Web Hosts but also applicable to many other types of online businesses. Packed with features but with a core focus on remaining easy to use and customise, WHMCS enables you to easily and effectively manage your business while automating many routine tasks.

Many Hoster use WHMCS, to manage billing and support because ease of use and simplicity. But WHMCS need to be secured, using SSL so all the information key in by clients and admins can’t be tap by others. Btw you should have done security steps explained on http://wiki.whmcs.com/Further_Security_Steps to tighten up your WHMCS installation.

The steps for Securing WHMCS using SSL is summarize from WHMCS Forum, and I am using url http://clients.hoster.com for example, so lets get start!!
1. Get SSL Certificate on your sub-domain (clients.hoster.com). No I wont tell you how because it’s off the discussion. Sorry.

2. Open ‘Configuration’ -> ‘General Configuration’
Set WHMCS System URL to https://clients.hoster.com/ (note the s within https)
Set WHMCS SSL System URL to empty

3. Add this code into .htaccess in your WHMCS root folder

RewriteEngine on
Options +FollowSymlinks

#Rewrite the URL for WHMCS to always use https except for the whmcs/dl.php file
RewriteCond %{REQUEST_URI} !^/admin/cron.php [NC]
RewriteCond %{REQUEST_URI} !^/dl.php [NC]
RewriteCond %{REQUEST_URI} ^/ [NC]
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*)$ https://clients.hoster.com/$1 [R=301,L]

#Rewrite the URL for WHMCS dl area to always use http
RewriteCond %{REQUEST_URI} !^/admin/cron.php [NC]
RewriteCond %{REQUEST_URI} ^/dl.php [NC]
RewriteCond %{SERVER_PORT} !^80$
RewriteRule ^(.*)$ http://clients.hoster.com/$1 [R=301,L]

That’s it!! Now everytime clients access http://clients.hoster.com/ they’ll redirected into https://clients.hoster.com/ and rest assured that all the information they entered or see no one else will know

SocialTwist Tell-a-Friend

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

This entry was posted on Sunday, June 14th, 2009 at 10:32 pm and is filed under Freelance, Web and System Administrator. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

CommentLuv Enabled