Block words for customer details – It Prevent Hackers

Check Client Details Hook for WHMCS to prevent hackers.

It prevents when registration or update client details, to use blocked words like AES, tbladmin, php, … UPDATEABLE by admin


A) Edit $fields to add or remove fields to check (by default all fields with type “string” that are supported in the current WHMCS release are included).
B) Edit $blocked to add or remove words that are blocked (by default I’ve included a few words that seem to be the most common for automated SQL Injections).
C) Edit text in $error to fit your language or preference.

When it blocks:

  1. It block the IP as AUTOBAN, adding the log so you can see what hacker entered
  2. It is stored as log for admin check in
  3. It sends an alert to admin by email