👀 Choose SSD-powered VPS servers for increased speed, power, and security! Now 50% off- starting from only $3.19/mo.
This video tutorial provides Step-by-Step instructions for how to secure your WHMCS installation.
Users of WHM Reseller Hosting with free WHMCS can reference our WHMCS Guides to supplement the official WHMCS documentation.
Transcript from the video above:
How to Secure Your WHMCS Installation
This demo assumes you have already installed WHMCS. Now, let’s take a few steps to bolster its security.
First, open your favorite FTP client or your control panel’s file manager. We recommend moving all writable directories to a non-public location above your web root to prevent web-based access.
Create a new directory at the root level. Then, navigate back to your main WHMCS directory and select the attachments, downloads, and templates_c directories. Move these folders into the new root-level directory you just created. That’s it—the folders have now been moved.
Next, rename the admin directory. This adds an extra layer of security through obscurity and helps prevent malicious users from attempting to log in to the admin area.
Finally, you need to tell WHMCS about the changes to its directory structure. Edit the configuration.php file and update the
templates_compiledirvariable accordingly. Then, add the variables for the attachments and downloads directories. Lastly, add the variable that tells WHMCS the new name of the admin directory.When you are finished, save and close the editor.
Now, let’s make sure everything works. Log in using the new admin directory location. Success—your WHMCS installation has now been secured.
This concludes the tutorial. You now know how to secure your WHMCS installation.
Conclusion
You now know how to secure your WHMCS installation.
