Michael D. Posted October 18, 2013

Hello,

Unfortunately another exploitable hole has been found in the billing software we use and offer called WHMCS. Until this exploit is patched our support system will be unavailable and we will perform any required tasks via email. The email addresses are support, billing, sales @mddhosting.com.

We are still here and working - so if you need anything just shoot us an email to the appropriate address and we'll handle your issues.

We have investigated on our end and verified that we have not been hit with this exploit and no data has been viewed or stolen by a third party.

This action is required to keep your client information safe and we apologize for any inconvenience this may cause you.
Brad Posted October 19, 2013

Is this an exploit that has been discovered after they released the Oct 3rd patch?
Michael D. (Author) Posted October 19, 2013

It's a new exploit - one on October 3, and now one on October 17. We're in the process of putting a web application firewall between the internet and our WHMCS installation so that we can bring it back online securely as well as putting some targeted rules in our internal firewall specific to this exploit.
Michael D. (Author) Posted October 19, 2013

Our billing system is now behind a Web Application Firewall that will catch and stop exploit attempts such as these. In addition to this - we've placed some specific mod_security rules for WHMCS in our Corporate Server to help prevent anything specific to WHMCS should it somehow slip past our Web Application Firewall.

Lastly - a patch is available. We have updated and should now be secure from the original exploit even without the WAF and the mod_sec rules, but three layers of security is better than none.
Michael D. (Author) Posted October 19, 2013

I tried to send out an email to all of our customers running WHMCS, however, it appears the "Mass Mail" feature of WHMCS is broken in 5.2.9. I will be sending out direct emails one by one so I apologize if you don't get this message quickly. I'm posting a copy here for those that are watching:

A patch has been issued for the critical WHMCS security issue we emailed you about around 9 hours ago. You can get the incremental patch from http://blog.whmcs.com/?t=80223 if you're already on version 5.2.8. You can download the full version of the patched version 5.2.9 from our support system if you are not on 5.2.8 currently.

Directions for getting the full version:

1. Log into our support system at http://www.mddhosting.com/support/
2. Select "Services" in the top navigation bar, it is the second option from the left.
3. Select "My Services" in the drop-down menu.
4. Click "View Details" next to the Reseller or Dedicated Server account that you purchased with included WHMCS.
5. Across the top you will see a tab titled "Downloads", and once you click on it you will see WHMCS listed. Simply click on the "Download" link to begin the download.

WHMCS themselves provide the absolute best support for their software and direct support is available at https://www.whmcs.com/members/submitticket.php?step=2&deptid=13 .

Any support issues pertaining to the installation, upgrade, integration, or management of WHMCS should be directed to their support department.

You can get upgrade assistance directly from WHMCS at http://www.whmcs.com/services/upgrade-service/ if you require it.
Michael D. (Author) Posted October 19, 2013

All of our customers that have a WHMCS License from us have been notified via email. We are now going to close out this issue as resolved, however, you are welcome to post any questions you may have.