WHMCS Security Settings

1. Delete the installation directory
Delete the installation directory after the installation is complete install

2. Modify the permissions of configuration.php
Modify the permissions of configuration.php to 644.

3. Mobile attachments /downloads /templates_c directory These directories need to be set to write permissions, that is, you need to set the permissions to 777, so for security, it is best to move these directories to A directory that the web cannot access. After the move, modify the path in configuration.php:
$templates_compiledir = "/home/whmcs/templates_c/";$attachments_dir = "/home/whmcs/attachments/";$downloads_dir = "/home /whmcs/downloads/";

Modify the above three paths to the path afterwards

4. Modify the name of the admin folder admin is the management directory, in order to prevent others Malicious login, guess password, you can rename this folder, change the name and modify the following statement in configuration.php, specify the new directory:
$customadminpath = "myadminname";

Modify After that, the path of the cron job also needs to be updated. For example, the path under the cpanel host is:
php -q /home/mylogin/public_html/secure/myadminname/cron.php