WHMCS Encourages Users to Upgrade as Part of Important Security Update

Add Your Comments

WHMCS is encouraging all users to update their WHMCS installation to the latest version 5.3.9 as part of an important security patch.

According to a WHMCS security blog post on Tuesday, the update includes changes to IP detection logic in conjunction with the use of proxies.

“If using services such as CloudFlare, or any other similar public or private proxy service, to proxy traffic to your WHMCS installation, you will need to perform additional steps post upgrading in order to keep IP detection functioning correctly,” WHMCS said.

The update also includes an update to the low-level cryptographic routines used for admin authentication, according to WHMCS. After the release of 5.3.9 an issue was discovered related to admins with Two-Factor Authentication enabled prior to upgrading to the latest version. WHMCS provided a Hot-Fix for these users to apply after doing the 5.3.9 core update.

WHMCS said the update brings end of life for the Ensim server module (which hasn’t been supported since December 2007) as well as the E-Gold and PayOffline gateway modules. Customers actively using these modules should refer to the release notes.


Subscribe Now and Get Our Exclusive Report on "The Hosting Infrastructure Ecosystem"

Enter your email to receive messages about offerings by Penton, its brands, affiliates and/or third-party partners, consistent with Penton's Privacy Policy.

Related Forum Threads

About the Author

Nicole Henderson is the Editor in Chief of the WHIR, where she covers daily news and features online. She has a bachelor of journalism from Ryerson University in Toronto. You can find her on Twitter @NicoleHenderson.

Add Your Comments

  • (will not be published)