WHMCS Latest Exploit -- Will You Keep Using WHMCS?

[visiba]

Matt released a new Blog post

http://blog.whmcs.com/?t=80970

Good step forward to do an internal AND external audit. Hopefully they choose a reliable partner for the external audit this time.

 

[Alex - A2 Hosting]

We use WHMCS, at this time we have not stopped using it as it meets the feature spec we need right now (with a lot of custom develop put into it such as our end user support system).

Instead of ceasing to use WHMCS we have implemented numerous security measures to protect our installation such as Incapsula etc

Hopefully WHMCS will improve their software as the competition is stepping up really fast.

 

[LampNetworks]

I just feel like these exploits are getting out of hand. I've lost count of how many times I have had to nervously apply a patch (which inevitably breaks more) as a result of Matt's crappy software.

I completely agree but what are the alternatives when you have mission critical modules integrated. What's worse is the canned replies from support and their blasé attitude when they have broke your set-up. They need to lose income to real competition before they'll do anything any different.

 

[easyhostmedia]

What's worse is the canned replies from support and their blasé attitude when they have broke your set-up.

I agree, also what get me is their replies treat their clients like naughty schoolchildren as they always seem to try and blame the user for the issues and never their software.

And if you do find an issue and they can replicate the issue its always

I've been able to replicate these issues on my end as well, and do find this to be an issue within the software. I've opened case #3670 with our developers in order to have this resolved for future releases. Unfortunately, I cannot provide an estimated time for completion for this. However, once we resolve cases and push features they are available at our change log, here:

http://changelog.whmcs.com/

I apologise for the inconvenience, and appreciate your patience as we work to resolve this.

which is a great help ( NOT) to clients that have issues

 

[HostLumina]

Indeed. The replies and lack of communication in general when all the exploits where been released is what pushed us to look at alternatives.

We have been testing and customising Blesta for the last few weeks.... solid software still needs further module support but solid.

 

[NocRoom]

The thing is, doesn't matter billions of people on this earth and growing. hackers get smarter to hack things, whats good about whmcs they notice and act on it vs others :shh:

 

[cheapdedicated]

@agentblack take a look at CE 5.0 there are some very nice features coming out especially if chat is important.

We still run with HB, luckily we got in before the pricing went crazy, and so far it is doing a good job for us (although we do have a few niggles) ..

ClientExec is Improving in their new release, but for me even with the few artists WHMCS have had, I would still recommend WHMCS for usability and versatility. The team has also responded pretty well in trying to respond to these attacks. It's not hard to see why WHMCS had to be attacked, It meant sense to attack them since they among the best.

 

[Julien@HS]

We are also using whmcs, we got it deeply theme to our needs. The only alternative we might try is ClientExec 5, probably released soon.

 

[multiplecloud]

WHMCS alwasy keep security update which not good

 

[ChromeHost-Sid]

The one thing I like about WHMCS is the security flaws are discovered quickly and the fixes are quick to be released.