WHMCS is a commonly used ‘client, billing and support’ portal for businesses. To protect the confidentiality of data stored in it, this software has many security features.
IP ban is such a security feature in WHMCS to prevent unauthorized access to the portal. Anyone trying to login from a banned IP will get a ‘WHMCS login failed’ message.
Security features for WHMCS login attempts
In WHMCS, the option ‘Whitelisted IPs‘ in ‘General Settings -> Security‘ tab helps to allow access from certain authorized locations. You can add and remove IPs from this list.
Once an IP address is added to this Whitelist, users who try to login from this IP would never be blocked from accessing the WHMCS.
Whitelist IPs in WHMCS
But it may not be possible to add all the user IPs to this list, especially in cases where there are a huge number of user accounts in the system.
Another security feature in WHMCS is banning IPs from which failed login attempts happen. This is done to block hackers who try to attempt login to the WHMCS.
However this ban is a temporary setting, and will be waived after a time duration. The ‘Failed Admin Login Ban Time’ can be used to set this duration of ban.
A user who is not whitelisted and fails to provide valid login credentials for 3 times, will be banned from accessing WHMCS for the next 15 minutes and unblocked afterwards.
This automatic unban feature is used to facilitate valid users who happen to face login failures due to incorrect credentials or after forgetting their account details.
To ban suspicious IPs permanently from WHMCS, the options ‘Setup -> Other -> Banned IPs’ can be used.
Ban suspicious IPs from WHMCS
How WHMCS login failed error happens
Suppose you tried to login to your WHMCS account and accidentally entered the password wrong thrice. Your IP will be banned and you will see the message:
Your IP 122.181.*.** Ban Reason: 3 Invalid Login Attempts Ban Expires: 25/05/2013 11:43
This means that your IP is added to the banned list of IPs in WHMCS and you would not be able to access WHMCS until the ban is waived by the software.
The list of banned IPs are stored in the WHMCS database table ‘tblbannedips’. To login again, you need to remove your banned IP from this table.
How to fix WHMCS login failed errors caused by IP ban
For the user to access WHMCS again, the banned IP should be removed from the WHMCS database. This can be done via the Phymyadmin or the SQL prompt.
A word of caution – Always take proper backup before modifying database entries.
Unblock IP address using Phpmyadmin
To remove an IP address from the banned IP list of WHMCS, follow these steps.
1. Log into the ‘phpMyAdmin’ database administration area for the user.
2. Select the WHMCS database and browse the table ‘tblbannedips’.
3. Find the entry in the table that matches your IP address.
4. Delete that row in the table to remove the ban record.
Delete the blocked IP address from WHMCS database
Now the user’s IP address would be unblocked and he would be able to login to WHMCS fine from that IP address!
Remove banned IP address via MySQL
You can also access the database and delete the table entry via the MySQL prompt from the backend of the server after connecting via SSH.
To remove the IP address from the banned table in WHMCS database via the SQL prompt, the steps are:
- Connect to MySQL using command “mysql”.
- Select the WHMCS database using ‘use databasename’;
- Verify the entry in the ‘Banned IP’ list table with the command ‘select * from tblbannedips;’
- Delete the entry for the corresponding IP using ‘delete from tblbannedips where ip=’122.181.*.**’;’
- Quit the SQL server.
Unblock IP from WHMCS database
Refresh the browser to access the WHMCS again. Your IP would be unblocked and you can login to WHMCS fine now.
Points to note..
While WHMCS automatically bans and unbans IP, it is always advisable to implement security monitoring to detect suspicious access to the server.
At Bobcares, our security team monitors the notifications from WHMCS, such as ‘WHMCS Admin Failed Login Attempt’, and examine the details to see if there is any server attack.
By configuring server firewalls and security rules, we prevent hack attempts and only trusted IP ranges will be allowed access to WHMCS.
Bobcares helps online businesses of all sizes achieve world-class security and uptime. If you’d like to know how to make your server more secure, we’d be happy to talk to you.
