Results 1 to 10 of 10
  1. #1

    Most secure billing and automation software?

    The thread on WHMCS security issues has brought up an interesting question:

    What is the most secure billing and automation software available to small web hosts? Ubersmith Lite, AWBS, ModernBill, or ClientExec?

    Features aren't the most important thing to us; security is.

  2. #2
    Join Date
    Mar 2005
    Posts
    327
    don't forget WHMAutopilot
    Waveweb Technologies
    http://www.waveweb.com
    Customer Service Guarantee

  3. #3
    Join Date
    Sep 2007
    Location
    Vancouver
    Posts
    741
    Quote Originally Posted by msm25 View Post
    don't forget WHMAutopilot
    I try too.

  4. #4
    Join Date
    Mar 2003
    Location
    United States
    Posts
    3,683
    Well, in the case of WHMCS, it wasn't an issue with the software itself. I'm of the opinion that most of the billing software out there is fairly secure. You don't typically here of many exploits at all. When you do, as with the WHMCS issue, you tend to hear about the fix before you hear about those who are exploited.

    This is an industry where your security reputation is everything. I don't think any product can afford to be lax in that arena.

    Also, I think you'll be challenged to find anything that's 100% secure in this industry. It ultimately depends upon who wants to get in.
    Last edited by CrazyTech; 01-09-2008 at 11:52 PM.

  5. #5
    ModernBill is better and AWBS is worse than others according to me. Because many bugs occurred frequently. But all of the providers fix the issues by updating softwares quickly.
    domainCart - PHP / AJAX Domain and Hosting Order Script | WHMCS Alternative
    Supports 700+ domain extensions, 27+ payment gateways, multi-currency with auto exchange..
    www.domaincart.net | Demo (all in one - without template)

  6. #6
    Join Date
    Sep 2004
    Posts
    1,909
    WHMCS was exploited but to my knowledge, security wise was not effected. They had a breach to their server and the ioncube encryption used on the code was broken but I don't think this will effect any of their current users. It is sad that this happens to many in this industry.

    If people can hack into the CIA or FBI, what makes you think that these same malicious individuals can not hack into a web hosting site / server. It can happen to anyone at anytime.

    I continue to wish Matt the very best and I know for certain that he has one of the top billing systems in the current market along with Ubersmith and the ultimate all-in-one solution, H-Sphere.


  7. #7
    Join Date
    Dec 2001
    Posts
    1,194
    I personally think WHMCS is the best out currently. Modern Bill seems to be having more and more problems and is nowhere near as user friendly as the others.

    AWBS i dont know enough about to comment on.

    WHMAutopilot is okay, but i find WHMCS easier to install, update, integrate, and easier on the end user. It also looks better.

    WHMCS seems to always be on top of things and i think this recent issue will just push them to make an already great solution better and more secure.

    Despite the recent event i dont think i could think of a better solution than WHMCS.
    www.boxedhost.com
    COMING SOON!
    A Resellers Dream, In a Box

  8. #8
    Fan of WHMCS myself but as far as security goes there are so many things that can go wrong or be exploited that all of the systems have most likely had issues at one time or another. Not at the fault of the system itself, but these systems rely on external packages as well, sql, apache, php, whatever.. It's the user's responsibility to ensure that all packages and open services on the server are kept updated which is where most of these problems come from.

  9. #9
    Join Date
    Aug 2004
    Location
    Canada
    Posts
    3,785
    Quote Originally Posted by jasonBV View Post
    Fan of WHMCS myself but as far as security goes there are so many things that can go wrong or be exploited that all of the systems have most likely had issues at one time or another. Not at the fault of the system itself, but these systems rely on external packages as well, sql, apache, php, whatever.. It's the user's responsibility to ensure that all packages and open services on the server are kept updated which is where most of these problems come from.
    UH?

    Security issues in PHP applications comes almost always as a result of the application not something it's running. Not validating input coming in is a common issue. Others include remote include vulnerabilities so that outside php scripts can be put on the server.

    These billing systems all encrypt pretty much everything so it really is a good way to help protect themselves. But as we're seeing with WHMCS when the code is out there in the open it is not pretty. So I think switching to another system is not going to do you much good as that code will end up showing up on the internet as well.
    Tony B. - Chief Executive Officer
    Hawk Host Inc. Proudly serving websites since 2004
    Quality Shared and Cloud Hosting
    PHP 5.2.x - PHP 8.1.X Support!

  10. #10
    Quote Originally Posted by TonyB View Post
    UH?

    Security issues in PHP applications comes almost always as a result of the application not something it's running. Not validating input coming in is a common issue. Others include remote include vulnerabilities so that outside php scripts can be put on the server.

    These billing systems all encrypt pretty much everything so it really is a good way to help protect themselves. But as we're seeing with WHMCS when the code is out there in the open it is not pretty. So I think switching to another system is not going to do you much good as that code will end up showing up on the internet as well.
    Yes... I was referring to other software utilized on the system, not the billing software itself. I agree that the most common way these billing systems are exploited is through injection vulnerabilities or exploitation of sloppy coding. But, in addition the supporting software has to be kept updated as well or it's just another avenue to get in through the front door..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •