How can we improve WHMCS?

Share, discuss and vote for what you would like to see added to WHMCS

Control SSL Status Monitoring per Product

  • Frank Feingold shared this idea 5 years ago
  • Client Area

Starting with WHMCS 7.7.0 SSL monitoring has been introduced. It currently appears to check for a valid SSL certificate for All products/services that are:

  • Hosting Account
  • Reseller Account
  • Dedicated/VPS server

We'd like to see an option on the specific service to override/disable the SSL check.

In our case, we have a particular type of VPS that we sell that comes with a software firewall. The client configures the firewall so they have access to the VPS and the VPS has a valid SSL. WHMCS on the other hand, does not have access to their VPS so the SSL check shows an invalid SSL.

This causes two issues:
  • WHMCS shows an invalid SSL when there really is one (WHMCS just can't check it)
  • The VPS firewall logs the fact that WHMCS tried to connect to the VPS (to check the SSL status)

Both of these are are causing a number of un-necessary support tickets.

It would just be a lot more flexible if the SSL check could be turned off on a per product/service level.


Login to post a comment.

This has a large interest to disable the option for ssl monitoring. Any update on this after 3 years?
If modules like SolusVM, Proxmox and so on are used, WHMCS destroys the complete functionality with this monitoring. Eternal loading times are the consequence, if the hostname is not resolvable.
Since WHMCS encrypts the whole code and there is no way to prevent the whole thing by hook, we will have to switch away from WHMCS.
I would like to turn off this function completely, this is because of servers that will not resolve and always give error.
Also, clients feel there is somethng wrong when they see a red icon and call us for this.
Please add the basic functionality of switching it on and off.
Edit the clientareadomains.tpl template, line 51 comment out the html line that reference $domain.sslStatus->* . You might also want to disable it on clientareaproducts.tpl too, in case you have a lot of hosting plans. On the domain/product detail you will still see it, but that should be ok, it is no longer abusing.
Hiding it from the user wasn't the problem we were facing. That was pretty easy to fix. For us, if you are using a VPS / Cloud type module (e.g. OnApp or Proxmox) then the clientarea page load for any page that interacts with the server is ridiculously slow. I'm talking 10 to 15 seconds to load each page. Module Garden looked into this and eventually determined it wasn't their code, it was the SSL check having to time-out on products that don't ( and never will) run a web server. We've had to redefine all the products as "other" rather than "server" which is the only way we can find to turn this thing off and make our client portal useable again.

Not being able to disable this is simply ridiculous. Just because something is a server doesn't mean it runs a web server. And we don't even sell SSL certs so why would we care anyway? Just crazy.
Yes, that's true, the load on the server is significant. We have over 700 domains, and we need to turn this thing off.

But at least we can hide the red icon that is alarming our clients.

We need to keep on top of WHMCS until the give us the ability to disable this.
The cURL call for clients showing 100 domains at once is indeed a massive waste of resources. Is WHMCS even looking at this? What is the point of feature requests?
Unfortunately when removing the CSS code the underlying cURL call remains active. With each day 100 domains being scanned I'd very much welcome a solution by the WHMCS devs.
We hid this unwanted up-sell feature with CSS. It remains broken for more than a year.

It's very clear that WHMCS is making money off of this feature. They have what seems like hundreds of options to turn on/off at will, but this one remains uncontrollable. This feature was added at the same time as their SSL up-sell integration. They are re-selling SSL certificates, making a profit from it themselves, and trying to push us and our clients into selling those certificates.

I recommend that you hide this unwanted "feature" ASAP.

Find the custom.css file in your installation and add the following lines:

.ssl-state {
display: none;

Hope that helps.
Just upgraded today and am floored that this new SSL Monitoring baloney can't be turned off. Seriously?
There needs to be an option to disable this "feature". We've spent the last week trying to work out why page-loads in the client area for VPS products take 15 seconds! It's all because this the SSL check. The only way we can move forward is to redefine our products so they are "other" not "server" so the SSL check isn't performed. Otherwise this feature makes WMHCS unusable for our hosting business. What a crazy feature to force on everyone.
The fact that this can't be disabled is crazy. If we have products that are "servers" (like cloud or VPS) they get checked for SSL (which we don't even sell). And it's causing huge delays in rendering pages for modules that talk to our hosting platform (OnApp, Proxmox etc). 10 to 15 second delays for every page load that's a "server" product that doesn't actually run a web site. We removed the remnants of this from the UI easily enough, but having this impact on server management for our clients is just unacceptable. We need to be able to disable this "feature"
It's absolutely absurd we don't have the option to turn this off. We don't want this showing up for our clients domains.
Another vote for giving us the option to disable this feature. It's a cumbersome addition that (in our case) isn't ever going to be used.

When a new feature like this is introduced, then we absolutely must have the option to turn it off.
Really need ability to disable this future for specified products. I have a lot of custom modifications for whmcs template and functionality so this future just slow down service pages and don't do anything for my customers