I run a two week free trial period for my hosting. It seems this is getting abused now and with no conversions. Most do not bother to verify their email address and I think the sign up is spam related. As an added step before a free hosting period is provisioned it would be useful to insist that the email must be verified to cut down on fake signups. I cannot see an option for this currently.
50 fake signups yesterday, and 50 today, and each one has to be deleted manually, so painful.
sahostking
commented
1 month ago
lets see if they take this seriously. They keep monitoring votes on a feature request instead of also looking at "importance".
Audrey Kinlok
commented
1 month ago
We are getting 30 bot signups per day, many with fake email addresses. I cannot see why this has not been implemented.
Richard Osborne
commented
2 months ago
Currently we are dealing with between 10 and 30 fake signups per day. Restricting access to the client area before email verification would really help.
Valentin Scerbacov
commented
18th June
Absolutely MUST be implemented!!!
Mr. P
commented
4th April 23
Its been 3 years now and this feature is not yet implemented. However whmcs team is busy adding NordVPN and stuffs which no one requested.
Official Response
WHMCS
commented
3rd June 23
Hi Mr. P, With an average of just 10 votes each year, this request hasn't garnered as much support as some other suggestions. The higher trending requests are more likely to be considered first. Please do keep advocating for this suggestion and we can potentially consider it in future.
Official Response
WHMCS
commented
19th August 21
Hi all, Thanks for this suggestion and your votes and comments. Please do keep supporting it!
In the meantime domain registration and module creation functions can be aborted based upon custom conditions which you can specify using these action hook points:
So all official modules from WHMCS will be using this Hooks? Because problem is with WHMCS modules only.
Kamil Porembiński
commented
28th June 21
This should be a standard, because WHMCS is not GPDR ready.
Heiko
commented
16th March 20
Agree with this. Will add an additional security layer and prevent dummy email addresses. We encounter clients create dummy email addresses which causes unnecessary admin tasks.
Thibaut Robert
commented
19th October 18
It's really important to implant this fonctionnality.
Michael Koontz
commented
3rd October 18
This would definitely cut down on spam registrations! Please consider implementing this!
Jonathon Lucas
commented
20th September 18
Don't know why this wasn't added when they added the basic email verification - this would prevent a lot of SPAM orders and shouldn't be a lot of work.
David H
commented
14th September 18
I have again had another run of registrations with emails that do not exist. One even an attempt at a paid service that failed at the checkout card capture.
Any update on this please?
Bünyamin Akçay
commented
1st August 18
Agree. But free services should exclude, like yoqmail, freemail.
Ramouz
commented
27th July 18
I agree about forcing email verification. I'm extremely surprised by how many users DON'T want to confirm their email (they've been clients for years though!).
18 Comments
Login to post a comment.
With an average of just 10 votes each year, this request hasn't garnered as much support as some other suggestions. The higher trending requests are more likely to be considered first. Please do keep advocating for this suggestion and we can potentially consider it in future.
Thanks for this suggestion and your votes and comments. Please do keep supporting it!
In the meantime domain registration and module creation functions can be aborted based upon custom conditions which you can specify using these action hook points:
- https://developers.whmcs.com/hooks-reference/domain/#preregistrarregisterdomain
- https://developers.whmcs.com/hooks-reference/module/#premodulecreate
You could write some PHP to review the client's isEmailAddressVerified() value within the Client Class: https://classdocs.whmcs.com/8.1/WHMCS/User/Client.html#method_isEmailAddressVerified
And if it evaluates to false, return the appropriate abort response to prevent the action.
Will add an additional security layer and prevent dummy email addresses.
We encounter clients create dummy email addresses which causes unnecessary admin tasks.
Any update on this please?
But free services should exclude, like yoqmail, freemail.