User51

How would I change all the "keys" in the databases from INT to VARCHAR ? Do I have to reinstall the whole thing?

Yeah I know, that's why I said "temporarily" hopefully this can be fixed, if not by Shen Wei then by the community.

Good to here. I noticed the having was changed from SHA-1 to SHA-256 (which is a good thing!) However this means that if you already have clients that signed up with your MOPHY-lite, their password would no longer work, correct? While the issue gets fixed, do you think it would be a good idea to use directory privacy to just prevent access to /admin in general?

Yes I've heard on GitHub. Until then, would it make sense to do this?

Currently, anyone can access anybody's account on MOPHY-lite by knowing the end-user's "hosting_client_key", which can be easily done by brute forcing numbers 0 through 999,999: https://github.com/NXTS-Developers/MOFHY-Lite/issues/53 However, what if you change the code, so that when the end-user signs up, the "hosting_client_key" doesn't generate numbers 0 through 999,999, but instead uses a combination of numbers and letters? This makes it much harder to brute force. Or will doing this break something? (My apologies if this is the stupidest idea ever) While this is probably not the most ideal solution, it is at least a somewhat efficient way of dealing with the problem, until an actual fix is made.

I tried. The MyOwnFreeHost API Is different. The "username" that BoxBilling generates is different than the one you use to log into. They're also dropping support for MyOwnFreeHost, eventually: https://github.com/boxbilling/boxbilling/pull/1089

Oh! I didn't know that. Where can I find that, the only one I find on GitHub is v1.8

Not anywhere near as bad as Hustal. That's a pretty good choice, unfortunately it isn't actually a client area it's just an authentication template. -- You could also purchase a license for WHMCS but it's expensive and some features don't work fully.

Unfortunately, BoxBilling does not work with MyOwnFreeHost

Well, there technically is "PROJECT HUSTAL", but it has too many security issues to be usable. I wouldn't recommend it. MOPHY-Lite is your best bet, currently.