New Topic

WHMCS Feature Requests Topic Idea Admin Area

Force Client/Admin logout after a set period of time.

Anonymous shared this idea 6 years ago

Under Consideration

If a user is idle for too long, for security purposes, it would be nice to have some control of forcing the logged in user to be logged out after input field: XX Select option menu: (seconds, minutes, hours, days).

- Removed Link -

I like this idea 0

Comments (11)

ramf ● 6 years ago

You are right,

Also i think that there should be a way to force password change for WHMCS administrators.We want to make sure that every given time all the operators will have to change the password to the system.

Reply URL

Carl G ● 6 years ago

I think this could be done using the php.ini file no?

check for

session.cookie_lifetime

...don't know if this would work with whmcs, but it cost nothing to try it :)

Reply URL

Sherwin Flight ● 6 years ago

This would be a useful feature.

Reply URL

Sherwin Flight ● 6 years ago

Carl G wrote:

I think this could be done using the php.ini file no?

check for

session.cookie_lifetime

...don't know if this would work with whmcs, but it cost nothing to try it :)

- It does sound like this would work. The only negative thing I can see with this is that it would change the setting for ALL sessions, not just the ones for WHMCS. In some cases some sessions should last longer.

Would be much more effective to have this feature built-in to WHMCS.

Reply URL

Matthew Theakston ● 6 years ago

yep this be great

Reply URL

CDJ HOSTING ● 6 years ago

Sherwin Flight wrote: - It does sound like this would work. The only negative thing I can see with this is that it would change the setting for ALL sessions, not just the ones for WHMCS. In some cases some sessions should last longer.

it could be done from an htaccess (apache servers) in the admin directory if only admin, or in the base of whmcs if for the whole installation, you can look up the cookie and updated its expire time if its passed whatever time you choose.

Reply URL

Carl G ● 6 years ago

CDJ Hosting wrote:

Whmcs should always (well... preferably) hosted on a separate server, or vps. Not very secure otherwise : i heard about some ways to hack whmcs if it's hosted on a shared hosting server ;-)

Reply URL

afrttoh ● 6 years ago

php.ini did not work with me

Reply URL

Show All

jayps ● 4 years ago

Sorry to re-open such an old thread... Has any progress been made with adding this as a feature to WHMCS? Sure, there are other ways of doing it, but it would really be a great feature to have. Messing around with php.ini or .htaccess could be fine but it's not the optimal solution that is wanted by users.

Reply URL

Hamed Khoramyar ● 2 years ago

If CLEF is integrated, this will be automatically available: https://requests.whmcs.com/topic/clef-login-module

Reply URL

Malith perera ● 1 year ago

please add it?

Reply URL