If you are a provider, selling VPS for the general public this very simple but yet extremly effective WHMCS hack from Joe Dougherty @ Securedragon (known as KuJoe on Lowendtalk and ZKuJoe on WHT) is recommended for all of you.
This hack doesn’t allow the end-user to select their VPS password but instead generates a random one for the user.
This does not only fix the problem with users choosing a too-simple password, but also the users that actually sets a password with certain special characters that would break SolusVM’s API and cause your VPS to be created without an IP assigned to it.
open
1 2 3 |
/templates/orderforms/<template you are using>/configureproduct.tpl |
for your convenience here is a link to a textfile with both lines.
(WordPress does have a problem pasting this code 🙂 )
Hi Security is major concerns about the web. but whmcs billing system does the better job in case of security. random password generator is best function, that create highly secure and unbreakable password.
Thanks for the password creation detail in whmcs.
-Edit- I removed the link you posted, you should know better then that.