Security Plus+ Adds another layer of protection to your installation of WHMCS, by providing the following key features

  • File change monitoring.
    • Keep tabs on all files, being notified when any changes occur.
    • Permanent log of all file system changes and upgrades.
  • File md5 verification against source files provided by WHMCS and 3rd party addons.
    • Quick verification of installed files – know right away whether they match original md5 fingerprints and are in the correct location.
  • Client profile data validation.
    • Hook to detect suspected hacker attempts via SQL form injection – Automatically ban IP to allow further review by support staff.
  • IP Blacklist provided by OpenBL.org.
    • Download known hackers IP addresses and automatically add to ban system in WHMCS.
    • Syncronize your hosts.deny file and automatically add known ssh brute force attackers.
  • Fully automated file and database backup system.
    • Full and incremental file backups (no more wasted space with only full backups)
    • Database backups.
    • Remote storage support for FTP, SSH (SFTP) and Dropbox.
    • Scheduled via cron job.
    • Supports moving of downloads and attachment folders as per WHMCS recommended settings.
  • Detect and block disposable, one-time, throwaway, temporary email addresses.
    • Validate email addresses at registration time via api with http://www.block-disposable-email.com/. (requires registration, and includes 200 free look-ups per month).
    • Optionally block free emails (gmail, yahoo, etc..).
    • Optionally validate domain has an MX record in DNS.
    • Optionally validate domain exists and is not expired.
  • Brute Force login detection.
    • Detect and ban IP addresses trying to guess your clients usernames and passwords on the client login page.
  • Block clients placing multiple fraud orders.
    • Clients with a current order marked as “fraud” can optionally be prevented from placing more orders.
  • Client Email Validation.
    • Force clients to validate their email address with an activation code before being allowed in the client area. (templates fully customizable to fit your needs).
  • Proxy IP Address Detection.
    • Set a limit on the number if unique clients that can login from a single IP address (usually indicates a proxy being used to hide hacker identities).
    • Optionally ban the IP for review by your support staff.
  • Integration with FraudRecord.com fraud checks. (See www.fraudrecord.com for full feature list)
    • Automated fraudrecord checks on every order.
    • Runs in parallel to built-in Fraud checks provided by WHMCS (Maxmind, VariLogix, etc..) which allows you to do fraud checks from multiple sources.
    • Settings available for admin notification and/or automatically setting order to fraud status.
    • Ability to enable automatic re-checks of clients fraudrecord scores, notifying admins of any changes in the future. Keep up to date with all your clients activities.
  • Now includes one year FREE Comodo PositiveSSL certificate (with an annual subscription), or $10 off any other SSL product we offer. (for the first year only).
    • Secure your WHMCS installation with SSL encryption.

Order now for only $19.95 Per Year OR $2.00 Per Month! (free 30 day trial also available).




Please consider donating to OpenBL.org for the service they provide.
See – http://www.openbl.org/donations.html