If you would like to add additional security to your remote server install, check the Advance Installation Guide (Remote Server)
The following functions need to be enabled during the installation and for the cronjob. It does not need to be enabled for systemwide.
system() posix_getpwuid() fileowner() filegroup() fileperms()
Run the following one step installer, it will install the files onto the remote server for you and install the cronjob.
cd /tmp; wget -N http://files.baseservers.com/codebox/whmcs-csfunblocker/installer.tar; tar -xvf installer.tar ; chmod +x installer.php;
To start the installation
php installer.php arg1 arg2 arg3
|Argument 1 Options||Explanation|
|install-ioncube10||install the ioncube 10 version|
|Argument 2 Options||Explanation|
|cpanel||install the files into /var/www/html|
|cpanel-ea3||install the files into /usr/local/apache/htdocs|
|da||install the files into /var/www/html|
|Argument 3 Options||Explanation|
|default||leave the default hash in the settings file alone|
|random||Generate a random Hash to replace the default hash in the settings file|
|Any string||Replace the default hash with the string provided. Avoid using quotes, it will be stripped out.|
Example installer command
cd /tmp; wget -N http://files.baseservers.com/codebox/whmcs-csfunblocker/installer.tar; tar -xvf installer.tar ; chmod +x installer.php; php installer.php install-ioncube10 cpanel default
When running the one step installer, the installer will use your native php (Usually /usr/local/bin/php) to run the installation commands unless you had specified (Ie; using alt-php). Therefore, if your native PHP have the following functions disabled (system() posix_getpwuid() fileowner() filegroup() fileperms(), then the one step installer will not work properly.
To check if the installation is completed properly, check the crontab for root.
If there is a new entry at the bottom of the crontab that runs php CSFUnblockremote.php, then the installer completed successfully. Otherwise, you will need to temporary comment out the disable_function option in the the native PHP's php.ini file (Usually at /usr/local/lib/php.ini).
Once installed, you can -reenable disable_function in the native php.ini file.
To complete the installation, comment out the disable_function in /var/www/php.ini. This php.ini is a copy of the native php.ini the installer had made. You can comment the disable_function line in this php.ini (/var/www/php.ini) and it won't affect your system's security as only the cronjob will be using this php.ini file.
Some linux setup (php-fpm) will limit your PHP's access to /tmp. You can run the following command to copy the files to your /var/www/html
cd /tmp; wget http://files.baseservers.com/codebox/whmcs-csfunblocker/remoteUpload.tar; tar -xvf remoteUpload.tar; mv /tmp/CSFSettings.php /tmp/CSFUnblockremote.php /var/www/html;
Once that has been run. Goto /var/www and wait for the cronjob to run, it should auto generate a bunch of new files on the next cronjob.
You can change the /var/www/html to any of your docroot of your choice.
You can find the latest remote module files at this URL
If you want to install it manually, you can upload the files in remoteUpload folder to the remote server's documentroot. Note that the uploaded files must be web accessible using the Web Address listed in the Admin interface.
If the web address is abc.domain.com
Then http://abc.domain.com/CSFUnblockremote.php MUST be accessible publicly
By default cpanel and DirectAdmin will have the document root stored in
Once the file is uploaded, you would need to setup a cronjob to run CSFUnblockremote.php
cPanel & DirectAdmin
*/2 * * * * php -c /var/www/php.ini -q /var/www/html/CSFUnblockremote.php cron > /dev/null 2>&1
We are using a local php.ini file so that we don't have to make changes to the system wide php.ini file(/usr/local/lib/php.ini). If your system wide php.ini have the following functions disabled. It is advisable to make a copy of the system wide php.ini and make the cronjob to load the local customized php.ini
As of v4.64, we have introduced a whitelist IP array in the CSFSettings.php. By adding your WHMCS server's IP address in the $allowedIP array, it will tell the module to only allow the IP's in the array to have access to the module.
If left blank, all connections will be accepted if the hash is matching.
If you installed the module using the one step installer then run the following commands to remove the module.
rm -rf /var/www/html/CSF*; rm -rf /var/www/csf*; rm -rf /var/www/*.cluster; rm -rf /var/www/*.local;
Once the files are removed, you also need to remove the cronjob from root that runs /var/www/html/CSFUnblockremote.php