Change the current structure of encryption from mcrypt
-
Raymond Belden shared this idea 7 years ago
- Other
- 2 Comments
3
Votes
I'm wondering why at this point WHMCS is still using mcrypt and not something like Libsodium. Currently there are multiple security flaws with mcrypt. Not to mention the php-dev team are setting it up for it's "viking funeral" :P
Featured Comment
Thanks for your suggestion. Mcrypt was used by parts of Google recaptcha v1. Since that's discontinued we removed that dependency from the core software in 7.1.
It remained a requirement for the OpenSRS module until 7.6, at which point it was also replaced.