Whmcs security update

With many hundreds or more domains in the system, it was literally DOSing yourself each time it ran. You stated this: " if you don't find the security updates or bug fixes useful , you don't have a reason to upgrade then. That was clearly intended to make it appear I don't care about it, when in fact there were none for my version that weren't implemented. Basically, devote a large chunk of time to resolving this, move to a version that's even more bloated, and pay for the privilege.

Please link to the docs where it explains that bit about removing the includes to do whatever you want. A flag, setting, parameter. Call it what you want. You're able to disable it. Removing it from templates doesn't require edits "all over". It's two files. That's weird. On our 3 installations, it's only checking active services, as it should. No, it wasn't. You said nothing useful was added in any of the updates.

Wouldn't you think that I was out of my mind if I was still on version 1. It's not described in the documenation. WHMCS advises you to make customization to the menu by hooks - and it's great for modules.

If a module needs to add a menu item, the module can do so by hooks. Everything is basically HTML and can be changed. See this:. The point to the use of hooks is that disabling the prebuilt menu items removes the usefulness of that menu system.

No blame here. I'm frustrated that a security issue that was present in the version I run will not be addressed though it was present when it was released and I still had active support. I'm also frustrated that I'm being forced to upgrade to a new version along with all the additional work that generates in order to get something serious fixed.

None that are very good, but I've been using it for a lot of years since long before Cpanel was ever involved; ask Matt. The whole "you could move to something else" is an argument I've heard countless times to defend something like this. It's as pointless as ever, I'm afraid. Feel free not to respond and prolong your participation, as it's just dragging the conversation to the point the mods will simply close it. Yes new features are nice but when your developers are spending time making the "Admin" SEO friendly, yes that's right, a place which search engine spiders can't even access has been given SEO friendly URLs and yet the front end isn't even properly SEO friendly without a huge amount of custom hackery try getting google to properly index anything other than your default language in a vanilla WHMCS and it has actually gotten worse, not better with newer versions.

That says it all in my book. It's not uncommon in the B2B market to have very long supported versions and pieces of software because your target is not a regular consumer. It's a business. As such they have other things to do than upgrading critical platforms every year. This is more true because every new release they take 5 years to fix bugs and 10 years to add features. No, I'm not joking. WHMCS does take 5 years to fix some bugs, and you can check their feature request page, years is an understatement.

So they expect their customers to keep 2 years upgraded to date, but they make zero commitment to add or fix things in the same period.

If you add to this third party softwares and customizations, 2 years is not that much to test everything. I'm running always the latest supported version for a reason. The patch is 1 file and a few lines of code. It takes an hour to apply this to other versions.

If they cannot do that, then I would seriously reconsider my programming skill. Most security patches in a software like WHMCS work the same for all versions because its usually just fixing some syntax or adding a new check on PHP which will work on all versions.

The rest of the files in the patch are just related to the actual file fixed. No, they are not asking too much. There are tons of bugs that are not fixed from new version to new version. How do you explain that to your customers? Sorry, we cannot fix this because we're using a software to which we don't have the source code and even if we want, we cannot fix it. How do you even fix something that is behind PHP encoded files? You can't. This can be tomorrow, or never.

You really think people here are not upgrading because they are lazy or just don't want to run on the latest and greatest? That is not the reason. It's because of compatibility issues and bugs. It can really destroy your business and put your installation in an inoperable state until what you need is fixed.

This is why most people that do run some business or customers on WHMCS test every new release and upgrade for days first before rolling from developing to production. And trust me, most find new bugs on every new release.

Some are not even minor but huge bugs. And most of the time, they are also happy trigger to completely remove functions someone is using daily.

If you are running on a supported version, the patch is just uploading a few files, but I can completely understand if someone now is forced to do a full upgrade of their installation. Bye, bye weekend What to do if you get a Down for Maintenance or update in Progress message after uploading a patch set.

If, after uploading the files from a Patch Set, you see a "Down for Maintenance" or "update in progress To complete the update you will need to download the latest Full Release version and update using the regular update process above. Our support team is always available to answer any questions or concerns you might have when performing updates. Services Contents. If we released an update recently, you may need to click Check for Updates before the update will display.

Custom Admin Directory? Custom Cron Directory? Custom File Permissions? You must reapply these changes after the update is complete. Was this article helpful?

Yes No. How can we improve this article? Your email optional Send. Thank you for your feedback! We read all the feedback we receive and use it to improve our documentation.

If you have any issues updating your WHMCS installation or applying the patch, you can contact our support team at www. Liked this article? Share it. Recommended Articles. Security Advisory January 28th, Maintenance Releases for 7.

Security Patch Released for 7.