Fast2Host Logo

WHMCS Setup Tutorials

How to secure your WHMCS installation

How to secure your WHMCS installation

This demo assumes you've already installed WHMCS.

Now let's take some steps to bolster its security.

Open your favorite FTP client or your control panel's File Manager.

We recommend moving all writeable directories to a non-public location above your web root to prevent web based access.

Let's create a new directory at the root level.

Then navigate back to our main WHMCS directory...

... and select the attachments, downloads and templates_c directories.

Next, move these folders to the new root-level directory we created.

That's it! The folders have been moved.

Next, let's rename the admin directory to add some security through obscurity. This will help prevent malicious users from attempting to login to the admin area.

Finally, we need to tell WHMCS of the changes to its directory structure.

Click to edit the configuration.php file.

Update the $templates_compiledir variable as follows.

Then add the $attachments_dir and $downloads_dir variables as follows.

Finally, add a variable to tell WHMCS the new name of the admin directory.

When finished, Save and Close the editor.

That's it! Now let's just make sure we can login using the new admin location.

Success! Our WHMCS installation has now been secured.

This is the end of the tutorial. You now know how to secure your WHMCS installation.

Maintain peace of mind with 24/7 UK based support

Email any time or call 01480 26 00 00 014 80 26 00 00