WHMCS don't take security seriously

[GCJHOSTING]

I love whmcs for a billing system, but I have found there support to be awful at times, I have waited up to nearly 4 days to get a issue resolved and even after for days, they still have not resloved my issue.

 

[imort]

So they want me to use an insecure connection between servers, because they cant release working software.

If you're worrying about insecure connecting between your servers you can configure iptables on both of them so you can be sure that only your servers can connect each other.

I didn't think that it is a problem worth to worry about so much

P.S. And I didn't work for WHMCS!

 

[whmcsguru]

So they want me to use an insecure connection between servers, because they cant release working software.

Temporarily, yes. Nothing wrong with that.
The techs don't have access to WHMCS unencoded files, so they're not going to be able to provide you with an on demand fix.

This is pretty standard. Wait for a patch and patch it.

why didn't WHMCS QA team test it before they released the version?

WHMCS QA does a good bit of work, and relies rather heavily on user testing as well. With any piece of software, it's not possible to detect each and every bug before release, especially when you're talking a major upgrade here (which 6 was).

This doesn't mean WHMCS doesn't take security seriously, it just means that a bug was found, which they'll resolve (likely already have given the thread's age) and a user threw a fit because they wouldn't fix it immediately for them.