The Security tab in General Settings allows you to configure security-related features. You can enable and configure captcha protection and email verification, set password strength and ban lengths, set a whitelist, and more.
We sometimes release security updates to address important issues and vulnerabilities that could affect your WHMCS installation. We recommend downloading security updates as soon as possible.
You can configure WHMCS to use an encrypted MySQL® database. This requires additional steps to add settings to your configuration.php file.
NGINX® can't read the .htaccess file that WHMCS uses, so NGINX users must take additional steps to protect sensitive directories.
Our development cycle refines WHMCS to ensure a great experience with new features, fixes, and security updates for supported versions.