DocumentationWHMCS

WHMCS

Installation

Prerequisites

# Supported OS:
# - Linux (CentOS, Ubuntu, Debian, etc.)
 
# Requirements:
# - PHP 7.4 or higher (8.0+ recommended)
# - MySQL 5.6+ or MariaDB 10.1+
# - Nginx or Apache with SSL
 
# Install PHP and MySQL first (see PHP and MySQL documentation)

Install WHMCS

# Download WHMCS
# Get from https://www.whmcs.com/download/
 
# Create WHMCS directory
mkdir -p /var/www/whmcs
cd /var/www/whmcs
 
# Extract WHMCS
unzip whmcs_*.zip
 
# Set permissions
chmod 755 .
chmod 755 *
chmod 777 attachments
chmod 777 downloads
chmod 777 templates_c
chmod 777 admin/build
 
# Create database
mysql -u root -p -e "CREATE DATABASE whmcs; GRANT ALL PRIVILEGES ON whmcs.* TO 'whmcs'@'localhost' IDENTIFIED BY 'password'; FLUSH PRIVILEGES;"
 
# Access installer
https://yourdomain.com/whmcs/install/
# Or
https://yourdomain.com/install/
 
# Complete installation wizard

File Permissions

Correct Permissions

# Navigate to WHMCS root
cd /var/www/whmcs
 
# Set owner
sudo chown -R www-data:www-data .
 
# Set directory permissions
find . -type d -exec chmod 755 {} \;
 
# Set file permissions
find . -type f -exec chmod 644 {} \;
 
# Special permissions for writable directories
chmod 777 attachments
chmod 777 downloads
chmod 777 templates_c
chmod 777 admin/build
 
# If using symlinks
chmod 755 .
 
# Verify permissions
ls -la attachments
ls -la downloads
ls -la templates_c

CHMOD Individual Folders

# Configuration file
chmod 644 configuration.php
chmod 755 configuration.php    # If directive requires
 
# Attachments directory
chmod 777 attachments
 
# Downloads directory
chmod 777 downloads
 
# Templates cache
chmod 777 templates_c
 
# Admin build directory
chmod 777 admin/build
 
# Assets
chmod 755 assets
chmod 777 assets/uploads
 
# Other directories
chmod 755 templates
chmod 755 modules
chmod 755 includes
chmod 755 admin

Configuration

Database Configuration

# Edit configuration file
sudo nano configuration.php
 
# Database credentials
$db_type = "mysql";
$db_host = "localhost";
$db_username = "whmcs";
$db_password = "password";
$db_name = "whmcs";
 
# System settings
define('ADMIN_PATH', '/admin');
 
# Email settings (configure in admin panel)

SSL Certificate

# Generate self-signed cert (for testing)
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
  -keyout /etc/ssl/private/whmcs.key \
  -out /etc/ssl/certs/whmcs.crt
 
# Or use Let's Encrypt
sudo certbot certonly --standalone -d yourdomain.com

Web Server Configuration

Nginx Configuration

server {
    listen 443 ssl http2;
    server_name yourdomain.com;
 
    ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
 
    root /var/www/whmcs;
    index index.php index.html;
 
    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
 
    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }
 
    # Disable access to sensitive files
    location ~ /(configuration\.php|\.env|\.git) {
        deny all;
    }
}
 
# Redirect HTTP to HTTPS
server {
    listen 80;
    server_name yourdomain.com;
    return 301 https://$server_name$request_uri;
}

Apache Configuration

<VirtualHost *:443>
    ServerName yourdomain.com
    DocumentRoot /var/www/whmcs
 
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/yourdomain.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.com/privkey.pem
 
    <Directory /var/www/whmcs>
        AllowOverride All
        Require all granted
    </Directory>
 
    # Disable access to sensitive files
    <FilesMatch "^(configuration\.php|\.env|\.git)">
        Deny from all
    </FilesMatch>
 
    <Files "*.php">
        SetHandler "proxy:unix:/var/run/php-fpm.sock|fcgi://localhost"
    </Files>
</VirtualHost>
 
# Redirect HTTP to HTTPS
<VirtualHost *:80>
    ServerName yourdomain.com
    Redirect permanent / https://yourdomain.com/
</VirtualHost>

Admin Area

Access Admin Panel

# Default admin URL
https://yourdomain.com/admin/
 
# First login:
username: admin
password: (set during installation)
 
# Change admin password
1. Login to admin panel
2. Profile > Change Password
3. Set new password

Initial Setup

1. Configuration > System Settings
   - System name
   - Support email
   - Support phone
 
2. Configuration > General Settings
   - Company name
   - Logo
   - Currency
 
3. Setup > Products
   - Add products/services
   - Set pricing
   - Configure terms
 
4. Setup > Payment Gateways
   - Configure payment methods
   - Set processing fees
 
5. Setup > Email Templates
   - Customize email messages
   - Configure SMTP
 
6. Setup > Automation Settings
   - Configure automated tasks
   - Set email triggers

Backup & Restore

# Backup WHMCS files
sudo tar -czf whmcs-backup-$(date +%Y%m%d).tar.gz /var/www/whmcs
 
# Backup database
mysqldump -u whmcs -p whmcs | gzip > whmcs-db-backup-$(date +%Y%m%d).sql.gz
 
# Restore files
sudo tar -xzf whmcs-backup-20240101.tar.gz -C /
 
# Restore database
gunzip < whmcs-db-backup-20240101.sql.gz | mysql -u whmcs -p whmcs

Updates

# Check for updates
# Admin Panel > System > General > Check for Updates
 
# Automatic update (if available)
# Admin Panel > System > General > Download & Install
 
# Manual update
1. Download latest version
2. Backup existing installation
3. Extract to temporary directory
4. Compare files and update
5. Run upgrade in admin panel

Cron Jobs

# Set up WHMCS cron jobs
# Edit crontab
crontab -e
 
# Add WHMCS cron (runs every 5 minutes)
*/5 * * * * curl -s https://yourdomain.com/crons.php > /dev/null 2>&1
 
# Or using wget
*/5 * * * * wget -O /dev/null https://yourdomain.com/crons.php > /dev/null 2>&1

Security

File Permissions Summary

# Quick permission setup
cd /var/www/whmcs
find . -type d -exec chmod 755 {} \;
find . -type f -exec chmod 644 {} \;
chmod 777 attachments downloads templates_c admin/build

Disable Directory Listing

# In .htaccess
Options -Indexes
 
# Or in Nginx (in server block)
location / {
    autoindex off;
}

Protect Sensitive Files

# .htaccess protection
<Files "configuration.php">
    Order allow,deny
    Deny from all
</Files>
 
# Nginx protection
location ~ /(configuration\.php|install|cron\.php) {
    deny all;
}

Troubleshooting

# Check permissions
ls -la /var/www/whmcs/
ls -la /var/www/whmcs/attachments
ls -la /var/www/whmcs/templates_c
 
# Check MySQL connection
mysql -u whmcs -p -h localhost -e "SELECT 1"
 
# View error logs
tail -f /var/log/nginx/error.log
tail -f /var/log/apache2/error.log
tail -f /var/log/php-fpm.log
 
# Check file ownership
stat /var/www/whmcs/configuration.php
 
# Fix permissions
sudo chown -R www-data:www-data /var/www/whmcs
sudo chmod 755 /var/www/whmcs
sudo chmod 777 /var/www/whmcs/{attachments,downloads,templates_c,admin/build}
CageFS