Separate names with a comma.
Discussion in 'Servers and Hosting' started by Licensecart, Mar 21, 2014.
Which billing system do you use for your business? I use Blesta and have done since May 2013.
WHMCS with a few Modules Garden add-ons.
WHMCS just because it's awesome.
I use Blesta!! I like it alot more than whmcs due to myself not having to update it all the time.
We haven't updated since Thursday, February 20th, 2014 and also you don't need to update all the time just if you get hacked or compromised don't blame WHMCS.
WHMCS still has security issues in its core, they may have done an audit but I still know there are issues.
Everything will have security issues, I am sure Blesta does just not enough people use it to attack it yet... WHMCS is a massive project which lots of people use, who would you attack BIG or small?
I would attack all. I dont discriminate.
I don't mean it like that, I mean it in their eyes all they're looking at is getting money etc.... I would go for BIG as you will have a lot more systems you can compromise and get a ton of money where as on small you have a select few which you have to look for.
That is true, and that is why I do not keep credit card information on my system the only information i can see within the billing system is the last four of the credit card number any other info i can not see. Nor have access to the information
Nah Blesta has been checked by security experts who report exploits in software and report bugs for whmcs directadmin and hostbill. 1 team found nothing in blesta and the other found 1 vulnerability which was patched. Now whmcs they tried to be clever and patched up, the localhost guy then found the same exploit but a different file. Because of localhost they patched up every few days. You can't say whmcs is being attacked for being big.. They are being attacked for bad coding skills.
It is more fun to attack someone that has a big part of the market share since it is more likely to be famous.
Compare Windows and Mac, there are security holes in Mac but no one "cares" to exploit it since there is no fame in doing so.
Microsoft on the other hand is more "fun" since it so big and more people will be effected by the vuln.
Well I suppose however, PHP.NET removed Register Globals function because of it's massive security holes... guess what? WHMCS made their own Register Globals function which is what an attacker found and exploited it... Why on earth would someone try and re-create a function which has been DEPRECATED as of PHP 5.3.0?
They still have it as it's all in their core.
http://www.exploit-db.com/exploits/29065/ (PS: this one doesn't work as off 5.2.9) they made edits to make sure that it can't work.
I'm sure they created a work around to wait for the re write in the next major version.
I'm not trying to take any side, I know (as I lived with the constant updates) pretty darn well what it cost to take your site down.
Currently I only use WHMCS as my site, hopefullly I will get the time to do something about it soon.
They would need to re-write WHMCS completely to fix the issues they have, and we know WHMCS are too lazy to do that. Think of everything they would need to re-write, modules, plugins, core, etc everything. ClientExec sort of did a re-write for CE5 and they don't have as much issues like WHMCS.
Blesta 3.x.x is a complete re-write and none of it is the same as 2.5
If Blesta can do it, I'm sure that Whmcs can do it.
They have the ability to do it but will they? that is the question
WHMCS I believe has started replacing bad parts of their code slowly but they have to be careful when doing so because a lot of the 3rd party plugins will break if they change the way WHMCS works internally. They did that a while back and had to revert back because it broke a lot of things.
If I remember right I think its when they change the file that connects to mysql. It broke almost all 3rd party apps.
Which is why you should always build things with an API in mind.
WHMCS just needs to fix a few core files and then it will be fine, nothing is invincible for hackers so Blesta will get attacked one day and I will laugh