How to install WHMCS on Windows..

[Rock]

What is WHMCS or WHMCompleteSolution ?

WHMCS is the complete all-in-one client management, billing & support solution for Web Hosts & Other Online Web HostingBusinesses. Packed with features but with a core focus on remaining easy to use and customise, WHMCS enables you to easily and effectively manage your web hosting business. It also automates many routine tasks including invoicing, order provisioning, domain names, suspensions, and more..

Highlights include:

• Automated Recurring Billing & Simple One Time Invoicing
• Flexible Product Options, Custom Welcome Emails, Fields & Options
• Automated Hosting/Domain Provisioning & Management
• Payment Tracking, Accounting Features & Statistical Reports
• Easy to Use Client Area with Integrated Support Tools
• Fully Customisable Client Area with a Powerful Templating System
• Development Kits, Action Hooks & an API for integrating & extending

Installing WHMCS is very simple. Mostly people install WHMCS on Linux web hosting servers, here we're going to see how to get it installed on a Windows VPS or Windows Dedicated web hosting servers..

The following steps will guide you through the install process :

1) Downloading WHMCS:

To download WHMCS, login to your client area at [http://www.whmcs.com/clients/]

You should then do the following to download the zip file containing the installation:
Click the My Licenses link > Select one of your active license keys > Choose the latest version to download from the available Downloads

2) Installing Ioncube:

WHMCS is encrypted using the Ioncube system, hence you need to have the necessary loaders installed on the server for it to work properly.

HERE is a wonderful tutorial on installing Ioncube loaders on Windows Servers.

3) Installing WHMCS:

• Unzip the contents of the zip file downloaded from the first step to a folder on your server [eg: D:\Inetpub\Vhost\your-domain.com\httpdocs\whmcs\ ].
• Rename the file configuration.php.new to configuration.php
• The following folders & files are needed to be made writable [IUSR_machine & IWAM_machine should have write permissions]:

1. configuration.php
2. attachments
3. downloads
4. templates_c

• Now, run the installation script by accessing http://www.your-domain.com/whmcs/install/install.php replacing your-domain.com with your actual domain name hosted on the server.
• Make sure you choose New Install on Step 2. Now the next screen will guide you through the rest of the setup process, where you'd be asked to input the WHMCS license & the MySQL database access details.
• The next screen would prompt you to input the WHMCS admin login credentials, choose any good username & a strong password.
  
• On the last step, it will ask you to setup a cron job or a schedule task rather & provide you with the exact command you need to use. Failing to do this, will cause the automated tasks such as sending emails, database backups, etc to cease.

Now the installation process is complete,here's what you should do next:

1. Deleting the Install Folder : **This is an important step** You should delete or rename the install directory so that someone else [Malicious users] shouldn't reinitialize the installation process again which can cause problems unnecessarily.

2. Securing the Writeable Directories : **This is an important step** It is recommended to move the attachments, downloads & templates_c directories (which need to be writeable for WHMCS to function properly) outside of the publicly accessible folder tree on your website. ie: outside httpdocs or to some different directory. The configuration.php in the WHMCS folder allows you to do this by adding/changing few parameters within it:

Quote:

$templates_compiledir = "new-writeable-dir/templates_c/";
$attachments_dir = "new-writeable-dir/attachments/";
$downloads_dir = "new-writeable-dir/downloads/";

3. *RENAME* Admin Folder:You can further RENAME [Don't MOVE] the admin section of your WHMCS installation by adding the following line to the configuration.php file:

Quote:

$customadminpath = "whmcsadminsec";

Once you do the above changes, you need to reissue your whmcs license so that you don't lock yourself out of the admin area.

Finally, add a schedule task to run automatically as a daily chore. This can be done from the Scheduled Tasks option available in the Windows server control panel.
Add a new scheduled task to execute "php D:\Inetpub\Vhost\your-domain.com\httpdocs\whmcs\cron.php"

Post installation steps & further internal configurations :

After installation is completed, it's recommend that you go through and configure your new WHMCS system in the following order:

• Login to the Admin Area and configure your General Settings from Configuration > General Settings.
• Setup your Payment Gateways from Configuration > Payment Gateways
• Setup your Products & Services from Configuration > Products/Services.
• Configure your Domain Pricing fromConfiguration > Domain Pricing.
• Setup your Support Ticket Departments from Configuration > Support Departments.
• Setup email piping so you can manage tickets using the WHMCS Support Desk.
• Ensure the WHMCS Cron Job is setup and configure automated tasks from Configuration > Automation Settings.
• Place some test orders on your website to check if everything works as expected... else
  

Good luck with it...

[eUK-Martin]

WOW..!!! That is a wonderful tutorial and must have taken allot of efforts as well.
It is a great 1000th post

[Rock]

Quote:

Originally Posted by eUK-Martin

WOW..!!! That is a wonderful tutorial and must have taken allot of efforts as well.
It is a great 1000th post

Thank you Martin.. this is indeed going to be a memorable thread to me..

[Catherine]

Agreed. A wonderful post which will help everyone to get a clear idea about the installation of WHMCS on Windows. Thanks!!

[Rock]

Quote:

Originally Posted by Catherine

Agreed. A wonderful post which will help everyone to get a clear idea about the installation of WHMCS on Windows. Thanks!!

Thank you very much.. your words inspire me completely to continue compiling more of such articles..

[XXxxImmortal]

Just thought i would be nice and tell u about a little secret not so many people realize and about 85% of all webhosting companies fail to secure

in ur whm usually /home/ur-username/public_html/site/whmcs/config.php is viewable to read

now lets say the servers php functions allows u to view via

Code:

cat /home/ur-username/public_html/site/whmcs/config.php

a person can easily have a shell up and gain mysql access and add a new username to ur whmcs admin and then can easily go to ur admin page and login

now how to secure is this

install whmcs (if you already installed it disregard that)
chmod configuration.php 700 as well as any other configuration files wich may leave your hosting vulnerable to said problem


the other way of doing it is with disable_functions and suphp and cgi safemode ill post screenshots of how to do it with cpanel and whmcs this is mainly for people with there own vps's/dedicated servers

okay login to whm and search for easy apache

Click easy apache

After that click start customizing based on profile click apache 2.2 click next select php5 click next click php 5.2.9/php 5.2.8 click next


now were at the important part
Check the following
Mod SuPHP
IonCube Loader for PHP
EAccelerator for PHP
Mod Bandwidth
Mod Security
Mod Perl
Suhosin for PHP
Zend Optimizer for PHP

then click Exhaustive options

ignore all the other shit its fine ctrl + f in firefox look for

Safe PHP CGI

check it this makes it so you cant inject a new php.ini and over ride current php security configuration

Click save and build, it may take some time depending on the specifications of your server/vps ram/cpu after its all done download puTTy if you dont already have it and ssh to your server (if you need help doing this pm me..) and find your php configuration file (cpanel default: /usr/local/lib/php.ini) type nano /usr/local/lib/php.ini press ctrl + w type in disable_functions

it will jump to a line thats probably like this disable_functions = on the end of that were gona change it to

disable_functions= "symlink,shell_exec,exec,proc_close,proc_open,pope n,system,dl,passthru,escap
eshellarg,escapeshellcmd"



this is VERY VERY VERY basic just to keep people out of your box theres PLENTY of other things you should do but this will work fine

Thanks to pimpnj for stating what to do

[ronaldo]

Thanks for sharing

[Rock]

Quote:

Originally Posted by ronaldo

Thanks for sharing

You're welcome

[paul]

Very Helpful, thanks a lot!

[Rock]

Quote:

Originally Posted by paul

Very Helpful, thanks a lot!

You're welcome, Sir Paul