The WHMCS Firewall File System protection menu contains the controls that enable the various features of the “firewall” portion of this WHMCS security module.

The settings are:

Backup – creates a backup of the current .htaccess file before you enable any security features or make changes (very important).

5G Blacklist Rules

The 5G Blacklist is a simple, flexible blacklist that checks all URL requests against a series of carefully constructed .htaccess directives. This happens quietly behind the scenes at the server level, so blocked requests never consume resources such as PHP and MySQL.

Blacklists can block just about any part of a request: IP, user agent, request string, query string, referrer, and everything in between. But IP addresses change constantly, and user agents and referrers are easily spoofed. Request strings yield the best results: greater protection with fewer false positives.

The WHMCS Firewall implementation of the 5G blacklist is customized to add WHMCS-specific security. It also lets you add one set of rules at a time rather than the entire rule list at once. Backup and one-click file version rollback features are also included.

Block Proxy Servers Rule

Rather than attempt to block proxy servers by who they are (i.e., via their specified domain identity), it is far more expedient and effective to block proxy servers by what they do. By simply blacklisting the various HTTP protocols employed by proxy servers, it is possible to block virtually all proxy connections.

Blacklist via Query String Rule

Use of Apache’s REQUEST_URI variable is frequently seen in conjunction with URL canonicalization. The REQUEST_URI variable targets the requested resource specified in the full HTTP request string. Thus, we may use Apache’s THE_REQUEST variable to target the entire request string (as discussed above), while using the REQUEST_URI variable to target the actual request URI. As you can imagine, blacklisting via REQUEST_URI is an excellent way to eliminate many kinds of malicious behavior.

Hotlink Protection Rule

Hotlinking refers to linking directly to non-html objects on other servers, such as images, movie files, etc. This can greatly impact bandwidth usage and WHMCS Firewall helps to prevent these requests on your server using specially crafted commands in your .htaccess file.
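
The request-matching and hotlink rules described above, sketched as an .htaccess fragment. This is an added illustration, not the rules WHMCS Firewall writes: the patterns and the example.com host name are constructed assumptions, and mod_rewrite is assumed to be enabled.

```apache
# Added example: constructed patterns, not the module's own rule set.
<IfModule mod_rewrite.c>
    RewriteEngine On

    # THE_REQUEST is the whole request line as the client sent it, e.g.
    #   GET /cart.php?a=view HTTP/1.1
    # It is not URL-decoded, so encoded characters must be matched in
    # their encoded form. Here: reject encoded CR/LF anywhere in the line.
    RewriteCond %{THE_REQUEST} (%0a|%0d) [NC]
    RewriteRule ^ - [F]

    # REQUEST_URI is only the URL path (/cart.php in the line above),
    # already decoded. It does not contain the query string.
    # Here: refuse leftover backup/dump files and VCS metadata.
    RewriteCond %{REQUEST_URI} (\.(bak|old|sql|swp)$|/\.git/) [NC]
    RewriteRule ^ - [F]

    # QUERY_STRING is everything after the "?" (a=view above), not decoded.
    # A REQUEST_URI pattern never sees it, so query rules need their own
    # condition. Here: reject an encoded NUL byte in the query string.
    RewriteCond %{QUERY_STRING} %00
    RewriteRule ^ - [F]

    # Hotlink protection: serve images only when the Referer is empty
    # (direct visits, privacy tools) or points at this site. The Referer
    # header is client-supplied and spoofable, so this saves bandwidth
    # but is not an access control.
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^https?://(www\.)?example\.com(/|$) [NC]
    RewriteRule \.(gif|jpe?g|png|webp)$ - [F,NC]
</IfModule>
```

After enabling rules of this kind, load a known-good client-area page and an admin page and confirm both still respond normally before leaving the rules in place.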

Restore Original File

You should always test your website after any .htaccess change or newly enabled security feature. Since you made a backup as instructed above, you will notice a restore button that allows you to restore your old .htaccess file if you do not like the results.

Clients area vs Admin

.htaccess rules can be applied selectively to the core WHMCS website (which includes the Clients control panel), and a separate tab manages the rules for the WHMCS “Admin Control panel”.

Always start with a file backup and a complete offsite backup before enabling any of the features in the File System protection screen!

If you need help or have questions, you should open a support ticket BEFORE you click too many buttons in this screen :-)

Follow the steps below to view the WHMCS Firewall File System Security menu:

Log in to your WHMCS > hover over the menu tab ADDONS > click on FIREWALL MANAGEMENT > click the FILESYSTEM SECURITY menu tab.