One-time verification to stop spam on ticket system
I believe this is simple and good solution for eliminate 100% of ticket spam:
1) whmcs receive new ticket
2) if the email come from a client, ticket bypass verification
3) if the email come from a unknown address, whmcs send a message back, asking to click on a link to verify if this is not a spam
4) if the link is clicked the ticket is accepted and the EMAIL is saved on a database table, so in the future is not necessary a new verification from the same email address.
With this, only messages from registered clients and click-verified emails will be accepted as tickets.
The verification only occur one time for unknown email address. Your customer with a non-registered email address wil perform the verification only one time.
This feature should be OPTIONAL on ticket system, and have a tool to delete old emails on database, example: delete all verified emails that not open a ticket on last 1 year - with this tool the table with "verified emails" will not grow forever.
As OPTIONAL feature on WHMCS.
support department settings:
Client only:
Clientarea Only:
Security settings:
captcha: on when not logged in.
Those should help you out.
It's not really a solution as tickets can be created in various departments by someone sending an email, whether the email is spam or not.
3rd point is a good point when you don't want to limit your support only to your customers.
If you allow only your customers to open a ticket then you will lost many new customers who want to ask a question or clear a doubt.
New customers can always email for information. This stops the script kiddies and saves the WHMCS security issues. God knows how many. This is by no means a fix, its a way to stop hacks. Thanks for the suggestions.
Kunnu, the only new customers i have had in 3 weeks have signed up with false information and tried to test the hacks on WHMCS, i really don't care about new customers at this point in time, deleting fake customers is a waste of time for me.. Not to say, i don't want new customers, i am just fed up.. A total lockdown is what I'm trying to achieve at the moment, yet i still want a useful package. Seems a little impossible at the moment.,, But I'm still trying.. I have also tried IP blocks for most apart from some countries which i have customers from. But even script kiddies from the states try every day... Cheers
Comments have been locked on this page!