Results 1 to 10 of 10
-
01-09-2008, 09:52 PM #1Junior Guru Wannabe
- Join Date
- Oct 2007
- Posts
- 58
Most secure billing and automation software?
The thread on WHMCS security issues has brought up an interesting question:
What is the most secure billing and automation software available to small web hosts? Ubersmith Lite, AWBS, ModernBill, or ClientExec?
Features aren't the most important thing to us; security is.
-
01-09-2008, 10:32 PM #2Web Hosting Guru
- Join Date
- Mar 2005
- Posts
- 327
don't forget WHMAutopilot
-
01-09-2008, 11:11 PM #3Web Hosting Master
- Join Date
- Sep 2007
- Location
- Vancouver
- Posts
- 741
-
01-09-2008, 11:37 PM #4Web Hosting Master
- Join Date
- Mar 2003
- Location
- United States
- Posts
- 3,683
Well, in the case of WHMCS, it wasn't an issue with the software itself. I'm of the opinion that most of the billing software out there is fairly secure. You don't typically here of many exploits at all. When you do, as with the WHMCS issue, you tend to hear about the fix before you hear about those who are exploited.
This is an industry where your security reputation is everything. I don't think any product can afford to be lax in that arena.
Also, I think you'll be challenged to find anything that's 100% secure in this industry. It ultimately depends upon who wants to get in.Last edited by CrazyTech; 01-09-2008 at 11:52 PM.
Denver Hunter | Webmaster | Library of Biz - Side Hustles, Small Business & Professional Growth
-
01-10-2008, 09:52 AM #5Web Hosting Master
- Join Date
- Dec 2005
- Posts
- 4,504
ModernBill is better and AWBS is worse than others according to me. Because many bugs occurred frequently. But all of the providers fix the issues by updating softwares quickly.
▓ domainCart - PHP / AJAX Domain and Hosting Order Script | WHMCS Alternative
▓ Supports 700+ domain extensions, 27+ payment gateways, multi-currency with auto exchange..
www.domaincart.net | Demo (all in one - without template)
-
01-10-2008, 10:46 AM #6Web Hosting Master
- Join Date
- Sep 2004
- Posts
- 1,909
WHMCS was exploited but to my knowledge, security wise was not effected. They had a breach to their server and the ioncube encryption used on the code was broken but I don't think this will effect any of their current users. It is sad that this happens to many in this industry.
If people can hack into the CIA or FBI, what makes you think that these same malicious individuals can not hack into a web hosting site / server. It can happen to anyone at anytime.
I continue to wish Matt the very best and I know for certain that he has one of the top billing systems in the current market along with Ubersmith and the ultimate all-in-one solution, H-Sphere.
-
01-10-2008, 11:21 AM #7Web Hosting Master
- Join Date
- Dec 2001
- Posts
- 1,194
I personally think WHMCS is the best out currently. Modern Bill seems to be having more and more problems and is nowhere near as user friendly as the others.
AWBS i dont know enough about to comment on.
WHMAutopilot is okay, but i find WHMCS easier to install, update, integrate, and easier on the end user. It also looks better.
WHMCS seems to always be on top of things and i think this recent issue will just push them to make an already great solution better and more secure.
Despite the recent event i dont think i could think of a better solution than WHMCS.
-
01-10-2008, 01:13 PM #8Newbie
- Join Date
- Jul 2005
- Posts
- 22
Fan of WHMCS myself but as far as security goes there are so many things that can go wrong or be exploited that all of the systems have most likely had issues at one time or another. Not at the fault of the system itself, but these systems rely on external packages as well, sql, apache, php, whatever.. It's the user's responsibility to ensure that all packages and open services on the server are kept updated which is where most of these problems come from.
-
01-10-2008, 03:26 PM #9Web Hosting Master
- Join Date
- Aug 2004
- Location
- Canada
- Posts
- 3,785
UH?
Security issues in PHP applications comes almost always as a result of the application not something it's running. Not validating input coming in is a common issue. Others include remote include vulnerabilities so that outside php scripts can be put on the server.
These billing systems all encrypt pretty much everything so it really is a good way to help protect themselves. But as we're seeing with WHMCS when the code is out there in the open it is not pretty. So I think switching to another system is not going to do you much good as that code will end up showing up on the internet as well.█ Tony B. - Chief Executive Officer
█ Hawk Host Inc. Proudly serving websites since 2004
█ Quality Shared and Cloud Hosting
█ PHP 5.2.x - PHP 8.1.X Support!
-
01-10-2008, 04:11 PM #10Newbie
- Join Date
- Jul 2005
- Posts
- 22
Yes... I was referring to other software utilized on the system, not the billing software itself. I agree that the most common way these billing systems are exploited is through injection vulnerabilities or exploitation of sloppy coding. But, in addition the supporting software has to be kept updated as well or it's just another avenue to get in through the front door..