Connor Moody
shared this idea
1 year ago
4
Votes
Login to Vote
In terms of security, having the ability to rotate out the CC Encryption key for all encrypted data within WHMCS would be extremely useful and beneficial.
Even if it's a function in the WHMCS classes like WHMCS\Encrpytion\Rotate($newKey) - that goes through all the encrypted database fields - unencrypts them and re-encrypts them with the new new key.
It would also be nice to be able to integrate with an external encryption service / key management service to store the CC Encrpytion hash so that it is not just stored in plain text in the configuration file.
Even if it's a function in the WHMCS classes like WHMCS\Encrpytion\Rotate($newKey) - that goes through all the encrypted database fields - unencrypts them and re-encrypts them with the new new key.
It would also be nice to be able to integrate with an external encryption service / key management service to store the CC Encrpytion hash so that it is not just stored in plain text in the configuration file.
2 Comments
Login to post a comment.
WHMCS\Encryption\Rotate($newKey)to handle re-encrypting database fields is a practical idea. Moreover, integrating with an external encryption or key management service to securely store the encryption key would provide an extra layer of protection, aligning with best practices for sensitive data handling.https://idlebreakout.org/