Feature Requests

Better account security

Andre shared this idea 7 years ago
Under Consideration

I would like to see some additions in terms of security measures to protect customer accounts from getting hacked/abused. These measures could be optional (e.g. each WHMCS client can decide whether they want to use it or not). Some suggestions:

- More elaborate brute force protection.

In the current situation, if a single IP submits 3 incorrect login attempts, the IP would be temporarily banned. But what if a hacker would use a botnet with many different IPs? This should be simple to overcome. If any account receives X incorrect login attempts within X minutes (regardless of where those attempts came from), access to that account could be disabled for X amount of time (and a notification to the client would be sent).

- Multi-factor authentication

For example, customer wants to log in: enters email/password. Upon correct submission of login details, SMS gets sent with authentication code, which would need to be entered before proceeding to the client area. This could also be enabled/disabled per client, to satisfy the preferences per user (some care more about security, some care more about being able to log in real quick). Note: the SMS authentication method is just an example, there are also other possibilities.

- Confirmation before removal of services

When a customer wants to cancel any service, there should be a mechanism that puts the request on hold until an admin confirms that the service should actually be removed. The intention would be to make sure that if a customer's account gets hacked, the hacker cannot destroy data, cancel domains, and things like that. By first requiring admin approval, the admin could first call (or contact in some other way) the customer to make sure he/she actually wants the service to be terminated.

- Allowing client logins only from specific IPs

It would be nice if it were possible to restrict logins to specific client accounts to specific IPs. This already exists for the API but not for the client area. Additionally, just like the manage2 cPanel interface, when a customer tries to log in from a non-whitelisted IP, an alternative procedure (like answering security questions, or SMS authentication, ...) could be used to obtain access.
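
The first suggestion above, sketched as an added example (not part of the original post and not WHMCS code): a per-IP ban on its own versus an additional per-account lock, run against constructed failed logins that each arrive from a different IP. The account limit of 5, the 10-minute window and the 15-minute lock are assumed values for the post's unspecified X; the class and function names are hypothetical.

```python
from collections import defaultdict, deque

WINDOW = 600      # seconds; assumed value for the post's "X minutes"
LOCK_FOR = 900    # seconds; assumed value for the post's "X amount of time"
IP_LIMIT = 3      # failures per IP before a temporary ban, as described in the post


class LoginThrottle:
    def __init__(self, account_limit=None):
        self.account_limit = account_limit   # None = per-IP banning only
        self.failures = defaultdict(deque)   # ("ip"|"acct", key) -> failure times
        self.blocked_until = {}              # ("ip"|"acct", key) -> unblock time
        self.notifications = []              # stand-in for the e-mail to the client

    def _fail(self, kind, key, now, limit):
        """Record a failure; block the key once `limit` of them fall in the window."""
        q = self.failures[(kind, key)]
        q.append(now)
        while q[0] <= now - WINDOW:          # drop failures older than the window
            q.popleft()
        if limit is not None and len(q) >= limit:
            self.blocked_until[(kind, key)] = now + LOCK_FOR
            q.clear()
            return True
        return False

    def attempt(self, account, ip, password_ok, now):
        if self.blocked_until.get(("acct", account), 0) > now:
            return "account_locked"          # refused even with the right password
        if self.blocked_until.get(("ip", ip), 0) > now:
            return "ip_banned"
        if password_ok:
            return "ok"
        self._fail("ip", ip, now, IP_LIMIT)
        if self._fail("acct", account, now, self.account_limit):
            self.notifications.append(account)
        return "denied"


def distributed_guessing(account_limit):
    """Constructed input: 10 wrong guesses on one account, each from a new IP."""
    t = LoginThrottle(account_limit)
    results = [t.attempt("client@example.test", f"198.51.100.{i}", False, now=i)
               for i in range(1, 11)]
    # The 11th attempt carries the correct password, from yet another IP.
    results.append(t.attempt("client@example.test", "198.51.100.99", True, now=11))
    return results, t.notifications
```

With `account_limit=None` no single IP ever reaches the per-IP limit, so every guess is evaluated; with `account_limit=5` the account locks after the fifth failure and one notification is queued.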

Comments (2)


Client area brute force protection is a no-brainer. We're seeing more and more of these attacks every day.


WHMCS has two of the features you requested.

Multifactor authentication: https://www.whmcs.com/two-factor/

Confirmation before removal of services: You can go to the automation section of WHMCS and select the option that makes removal of services manual. Then when you receive a request, the staff team at your SP can send him an email, or perform any other step necessary.

I do like the ideas for account based locking during failed logins. However, I don't believe IP locking would be a good idea when it comes down to clients. Most of my clients have dynamic IPs (however, I do target the consumer market). It would most likely result in many requests to reset the IP lock so they can log in.