LxCenter Forum: API and Integration

HyperVM & Kloxo Support

Forum

Members

Help

Home

Home » Kloxo Community Support » API and Integration » WHMCS and Kloxo

Show: Today's Messages :: Show Polls :: Message Navigator

WHMCS and Kloxo [message #83945]

Mon, 23 May 2011 08:02

Tha_Duck

Messages: 84
Registered: December 2010
Location: Utrecht

Valuable Member

I am trying the WHMCS software but can't get it working with Kloxo Sad

This is what I get in the web_command log:
14:00 May/23/2011: __error_login_error
14:00 May/23/2011: array (
'login-class' => 'client',
'login-name' => 'loginname',
'login-password' => 'password',
'output-type' => 'json',
'action' => 'simplelist',
'resource' => 'resourceplan',
)
14:00 May/23/2011: __error_login_error

Ofcource the login/pass is correct, they are working for the webinterface of Kloxo.

Do I need to enable something?

Versions:
Kloxo: 6.1.4
WHMCS: 4.4.2

Report message to a moderator

Re: WHMCS and Kloxo [message #83946 is a reply to message #83945]

Mon, 23 May 2011 08:43

mustafaramadhan

Messages: 5670
Registered: December 2010
Location: Yogyakarta

Super Grandmaster
Forum Moderator

learn about whmcs need like php setting, special package and etc.

..:: MRatWork ::..
Server/Web-integrator - perfect not always more useful

--- Need KVM/OpenVZ VPS? - click here (Kloxo-MR READY!) ---

For bug/feature/security - Member rank status

Report message to a moderator

Re: WHMCS and Kloxo [message #83955 is a reply to message #83946]

Mon, 23 May 2011 14:04

Tha_Duck

Messages: 84
Registered: December 2010
Location: Utrecht

Valuable Member

No, we need to have better documentation...

I had disabled the admin account, but that account is needed. It is not possible to use an auxilairy login. Too bad, a serious security risk.

Report message to a moderator

Re: WHMCS and Kloxo [message #85401 is a reply to message #83955]

Fri, 17 June 2011 16:12

altomarketing

Messages: 4
Registered: June 2011

Member

We had the same problem, please take look into your admin , it can not be letters and numbers, not symbols

Report message to a moderator

Re: WHMCS and Kloxo [message #85430 is a reply to message #83955]

Sat, 18 June 2011 06:03

mustafaramadhan

Messages: 5670
Registered: December 2010
Location: Yogyakarta

Super Grandmaster
Forum Moderator

Tha_Duck wrote on Tue, 24 May 2011 01:04

No, we need to have better documentation...

I had disabled the admin account, but that account is needed. It is not possible to use an auxilairy login. Too bad, a serious security risk.

Why do you think use admin account to be serious security risk?.

..:: MRatWork ::..
Server/Web-integrator - perfect not always more useful

--- Need KVM/OpenVZ VPS? - click here (Kloxo-MR READY!) ---

For bug/feature/security - Member rank status

Report message to a moderator

Re: WHMCS and Kloxo [message #85457 is a reply to message #85430]

Sat, 18 June 2011 23:12

Walter

Messages: 865
Registered: February 2009
Location: Florianopolis / BR

Senior Master
Forum Moderator
LxCenter Project Manager

It is not a security risk but disabling admin in favor of an Auxiliary login improves security.

In theory, one could attempt to brute-force "admin" password using several proxies regardless of LxGuard limit as it blocks based on the requesting IP. With an arbitrary login, the attacker would have to guess both login name and password and that is impossible as the number of proxies higher than the ammount of available IPv4 available.

The problem is WHMCS that forces you to use "admin" and standard ports 7777/7778. No auxiliary or reseller accounts.

But you could use Lighttpd rewrite rules (in lxlighty) to change the user from admin to something else. Probably better with mod_magnet if you rebuild the lxlighttpd package with lua support.

It's a hack, but better than wait for WHMCS coders to update "LxAdmin" plugin. Smile