Security Plus+ Adds another layer of protection to your installation of WHMCS, by providing the following key features
File change monitoring.
Keep tabs on all files, being notified when any changes occur.
Permanent log of all file system changes and upgrades.
Client profile data validation.
Hook to detect suspected hacker attempts via SQL form injection – Automatically ban IP to allow further review by support staff.
Fully automated file and database backup system.
Full and incremental file backups (no more wasted space with only full backups)
Remote storage support for FTP, SSH (SFTP) and Dropbox.
Scheduled via cron job.
Supports moving of downloads, crons and attachment folders as per WHMCS recommended settings.
Detect and block disposable, one-time, throwaway, temporary email addresses.
Validate email addresses at registration time via api with http://www.block-disposable-email.com/. (requires registration, and includes 200 free look-ups per month).
Optionally block free emails (gmail, yahoo, etc..).
Optionally validate domain has an MX record in DNS.
Optionally validate domain exists and is not expired.
Brute Force login detection.
Detect and ban IP addresses trying to guess your clients usernames and passwords on the client login page.
Block clients placing multiple fraud orders.
Clients with a current order marked as “fraud” can optionally be prevented from placing more orders.
Client Email Validation.
Force clients to validate their email address with an activation code before being allowed in the client area. (templates fully customizable to fit your needs).
Proxy IP Address Detection.
Set a limit on the number if unique clients that can login from a single IP address (usually indicates a proxy being used to hide hacker identities).
Optionally ban the IP for review by your support staff.
Integration with FraudRecord.com fraud checks. (See www.fraudrecord.com for full feature list)
Automated fraudrecord checks on every order.
Runs in parallel to built-in Fraud checks provided by WHMCS (Maxmind, VariLogix, etc..) which allows you to do fraud checks from multiple sources.
Settings available for admin notification and/or automatically setting order to fraud status.
Ability to enable automatic re-checks of clients fraudrecord scores, notifying admins of any changes in the future. Keep up to date with all your clients activities.
- More info: https://securityplus.griffinhosting.com/
- Support WHMCS 7.0 or higher
- PHP 5.6 to PHP 7.2 support
- Rename config.php.new to config.php and edit info