The Problem
Customers need to share passwords, API keys, and credentials through support tickets. This creates security risks.
What Happens Without Encryption
Customer opens ticket: "Can't log into cPanel, here's my password: MyPassword123"
Security issues:
- Password stored in plaintext in database
- Visible to all support staff (including new hires)
- Remains in database forever
- Database backup contains plaintext passwords
- Database breach exposes all credentials
- GDPR compliance nightmare
Common scenarios:
- Customer shares cPanel password
- Client provides FTP credentials
- API keys sent for integration issues
- Database passwords for troubleshooting
- SSH keys for server access
- Payment gateway credentials
All of these end up stored unencrypted in the WHMCS database.
Current Workarounds Don't Work
Tell customers "don't send passwords":
- They send them anyway
- Support needs credentials to help
- Customers don't understand security
Use external tools (email, password managers):
- Disrupts support workflow
- Customers won't use them
- Still need to track which ticket needs which credential
Manual deletion after use:
- Staff forgets
- Credentials remain in database
- Database backups contain old passwords
Separate secure portal:
- Customers won't use it
- Too complex for support staff
- Credentials still end up in tickets anyway
None of these solve the actual problem: credentials in your WHMCS database.
The Solution
Secure Ticket Data encrypts sensitive information in support tickets using AES-256-CBC. Customers add credentials through encrypted fields. Only authorized staff can decrypt them. Auto-deletion removes old credentials.
How It Works
Client side:
- Open support ticket
- "Secure Data" section appears
- Enter sensitive information (password, API key, etc.)
- Save
- Data encrypted before storage
Admin side:
- Open ticket with encrypted data
- Click "View Secure Data"
- Data decrypts (if authorized)
- Use credentials for support
- Data auto-deletes after configured days
Database:
- Only encrypted data stored
- No plaintext ever
- Separate table from ticket content
- Auto-cleanup after X days
Security:
- AES-256-CBC encryption
- Encryption key generated during install
- Access controlled by WHMCS admin roles
- All access logged
Real Use Cases
Hosting Support:
Customer can't access cPanel. Needs password reset but support needs to verify current password.
Without encryption:
- Customer sends password in ticket
- Stored plaintext in database
- Remains forever
- Multiple staff see it
With encryption:
- Customer adds password to secure field
- Encrypted immediately
- Only authorized staff decrypt
- Auto-deletes after 30 days
API Integration Issues:
Customer's API integration broken. Support needs API key to test.
Without encryption:
- API key in ticket text
- Visible to all staff
- Searchable in database
- Backed up in plaintext
With encryption:
- API key in encrypted field
- Decrypted only when needed
- Auto-deleted after issue resolved
- Not searchable, not in backups as plaintext
Database Troubleshooting:
Customer reports database errors. Support needs credentials to investigate.
Without encryption:
- Database password in ticket
- Junior staff can see it
- Remains in system indefinitely
- Compliance issue
With encryption:
- Password encrypted
- Only senior staff authorized
- Access logged
- Auto-deleted after 7 days
GDPR Compliance:
Customer requests data deletion. Tickets contain passwords and personal information.
Without encryption:
- Manual search through all tickets
- Delete ticket history (lose support context)
- Or violate GDPR (credentials remain)
With encryption:
- Encrypted data auto-deletes
- Or manual deletion per ticket
- Ticket history preserved
- GDPR compliant
Installation
- Purchase from ArkHost Store
- Upload to `/modules/addons/secure_ticket_data/`
- Activate in Setup → Addon Modules
- Configure auto-deletion (days until removal, 0 = keep forever)
- Set admin role permissions
- Done
Encryption key generated automatically during activation.
Configuration
Auto-Deletion
Set number of days before encrypted data is removed:
- 0 = Keep forever (not recommended)
- 7 = Delete after 1 week
- 30 = Delete after 1 month (recommended)
- 90 = Delete after 3 months
Why auto-delete:
- Credentials become stale
- Reduces security risk
- GDPR compliance
- Forces password rotation
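One way to implement the retention setting above, as an added example (not the module's code). Only the table name `mod_secure_ticket_data` comes from this page; the column names, the function name and the SQLite sample rows are assumptions. The `0` case is guarded explicitly, because a naive cutoff of "now minus 0 days" would delete every record instead of keeping them forever.

```php
<?php
declare(strict_types=1);
// Added illustration, not the module's code. Column names (ticket_id, data,
// created_at) are assumptions; only the table name comes from the page.

function purgeExpired(PDO $db, int $days, DateTimeImmutable $now): int
{
    if ($days < 0) {
        throw new InvalidArgumentException('retention days must be >= 0');
    }
    if ($days === 0) {
        return 0; // 0 = keep forever; without this guard the cutoff would be "now"
    }
    $cutoff = $now->sub(new DateInterval("P{$days}D"))->format('Y-m-d H:i:s');
    $stmt = $db->prepare('DELETE FROM mod_secure_ticket_data WHERE created_at < :cutoff');
    $stmt->execute([':cutoff' => $cutoff]);
    return $stmt->rowCount(); // number of encrypted records removed
}

// Constructed sample rows in an in-memory SQLite database (WHMCS itself uses MySQL).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE mod_secure_ticket_data (ticket_id INTEGER, data BLOB, created_at TEXT)');
$ins = $db->prepare('INSERT INTO mod_secure_ticket_data VALUES (?, ?, ?)');
$ins->execute([101, 'ciphertext-a', '2024-01-01 09:00:00']); // 60 days old at $now
$ins->execute([102, 'ciphertext-b', '2024-02-20 09:00:00']); // 10 days old at $now
$now = new DateTimeImmutable('2024-03-01 09:00:00', new DateTimeZone('UTC'));

var_dump(purgeExpired($db, 0, $now));  // retention disabled: nothing is removed
var_dump(purgeExpired($db, 30, $now)); // only the 60-day-old record is past the cutoff
var_dump((int) $db->query('SELECT COUNT(*) FROM mod_secure_ticket_data')->fetchColumn());
```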
Admin Permissions
Control which admin roles can decrypt data:
- Full Administrator: Yes
- Support Manager: Yes
- Support Staff: No (or Yes, depends on policy)
- Billing: No
Logging:
All decrypt actions logged with:
- Admin name
- Timestamp
- Ticket ID
- Client name
Usage
Client: Adding Encrypted Data
- Open ticket (new or existing)
- Find "Secure Data" section
- Enter sensitive information
- Click Save
- Confirmation shown
Data is encrypted immediately. Never stored in plaintext.
Client: Viewing Own Data
- Open ticket
- Click "View Secure Data"
- Data decrypts and displays
- Client can edit or delete
Client: Editing Data
- View secure data
- Click Edit
- Modify information
- Save
- New encryption applied
Client: Deleting Data
- View secure data
- Click Delete
- Confirm
- Data permanently removed
Admin: Viewing Encrypted Data
- Open ticket with encrypted data indicator
- Click "View Secure Data"
- Data decrypts (if authorized)
- Action logged in WHMCS activity log
Unauthorized admins see "Access Denied"
Admin: Manual Deletion
- View encrypted data
- Click Delete
- Confirm
- Data removed immediately
- Deletion logged
Technical Details
Encryption:
- Algorithm: AES-256-CBC
- Key generated during installation
- Key stored in module files, not in the database
- No plaintext storage ever
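The page names AES-256-CBC but does not say how the IV is chosen or whether the ciphertext is authenticated. CBC on its own does not detect tampering, so this added PHP example (not the module's code; the function names, the HKDF subkeys and the ticket-ID binding are assumptions) shows a per-record random IV with encrypt-then-MAC.

```php
<?php
declare(strict_types=1);
// Added illustration, not the module's encryption.php; all names are assumptions.
const CIPHER = 'aes-256-cbc';

// Derive separate encryption and MAC subkeys from one 32-byte master key.
function subkeys(string $master): array
{
    return [hash_hkdf('sha256', $master, 32, 'ticket-enc'),
            hash_hkdf('sha256', $master, 32, 'ticket-mac')];
}

function encryptSecret(string $plaintext, string $master, int $ticketId): string
{
    [$encKey, $macKey] = subkeys($master);
    $iv = random_bytes(16); // fresh random IV for every record
    $ct = openssl_encrypt($plaintext, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    // Encrypt-then-MAC over ticket ID, IV and ciphertext binds the blob to its ticket.
    $mac = hash_hmac('sha256', pack('J', $ticketId) . $iv . $ct, $macKey, true);
    return base64_encode($iv . $ct . $mac);
}

function decryptSecret(string $blob, string $master, int $ticketId): string
{
    [$encKey, $macKey] = subkeys($master);
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 64) { // 16 IV + 16 min ciphertext + 32 MAC
        throw new RuntimeException('malformed blob');
    }
    [$iv, $ct, $mac] = [substr($raw, 0, 16), substr($raw, 16, -32), substr($raw, -32)];
    $expected = hash_hmac('sha256', pack('J', $ticketId) . $iv . $ct, $macKey, true);
    if (!hash_equals($expected, $mac)) { // constant-time check before any decryption
        throw new RuntimeException('authentication failed');
    }
    $pt = openssl_decrypt($ct, CIPHER, $encKey, OPENSSL_RAW_DATA, $iv);
    if ($pt === false) {
        throw new RuntimeException('decryption failed');
    }
    return $pt;
}

// Constructed sample: a round trip, then the same blob presented for another ticket.
$master = random_bytes(32);
$blob = encryptSecret('MyPassword123', $master, 4821);
var_dump(decryptSecret($blob, $master, 4821) === 'MyPassword123');
try { decryptSecret($blob, $master, 4822); }
catch (RuntimeException $e) { echo 'rejected: ', $e->getMessage(), PHP_EOL; }
```

Because the ticket ID is covered by the MAC, a blob copied into another ticket's row fails authentication instead of decrypting.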
Database:
Table: mod_secure_ticket_data
- Encrypted data blob
- Ticket ID association
- Client ID association
- Timestamps (created, updated)
- Auto-delete flag
Security measures:
- Encryption at rest
- Access control via WHMCS roles
- Activity logging
- Auto-deletion
- No plaintext in backups
Performance:
- Minimal overhead
- Only loads on ticket pages
- Encryption/decryption on-demand
- No impact on ticket listing
Integration:
- Hooks into WHMCS ticket pages
- No template modifications required
- Works with all themes
- Ajax-based interface
Language Support
8 languages supported:
- English
- Spanish
- French
- Portuguese
- Russian
- Dutch
- Italian
- German
Automatically detects the WHMCS language setting. Falls back to English if the language is not available.
Security Considerations
Encryption key:
- Generated during installation
- Stored in module files (not database)
- Required for decryption
- Backup module files with WHMCS backups
Access control:
- Configure carefully
- Limit to necessary staff
- Review logs regularly
- Revoke access when staff leave
Auto-deletion:
- Set appropriate timeframe
- Balance security vs support needs
- 30 days works for most cases
- Shorter for highly sensitive data
Database backups:
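- Encrypted data in database backups is safe (can't decrypt without key)
- Include module files in backups (they contain the encryption key)
- A backup set that holds both the database and the module files contains everything needed to decrypt, so protect it accordingly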
- Restore requires both database and module files
Key rotation:
- Not currently supported
- Would require re-encrypting all data
- Contact support if key compromise suspected
Troubleshooting
Secure data section not appearing:
- Check module activated
- Verify WHMCS version 8.9+
- Clear browser cache
- Check JavaScript console for errors
Can't decrypt data:
- Verify admin has permission
- Check WHMCS activity log for errors
- Confirm encryption key exists in module files
- Test with different admin account
Auto-deletion not working:
- Check that auto-deletion is configured (value is not 0)
- Verify WHMCS cron running
- Check data creation date
- Review WHMCS activity log
After restore, can't decrypt:
- Encryption key missing from restored module files
- Restore module directory from backup
- Key must match encrypted data
Performance issues:
- Check database indexes
- Verify PHP version 8.1+
- Review MySQL query log
- Contact support with specifics
Compliance
GDPR:
- Encrypted data protects customer information
- Auto-deletion supports data minimization
- Manual deletion for customer requests
- Activity logging for audit trail
PCI DSS:
- Don't store credit card data (against PCI rules)
- Use for passwords and API keys only
- Not a replacement for PCI compliance
ISO 27001:
- Encryption at rest
- Access controls
- Activity logging
- Data retention policy
When You Need This
Required if:
- Customers share credentials in tickets
- GDPR compliance needed
- Database security important
- Multiple support staff with varying trust levels
- Audit trail required
Not required if:
- Customers never share sensitive data
- Single support person only
- External password manager used successfully
- No compliance requirements
Comparison to Alternatives
Manual deletion:
- Staff forgets
- Credentials remain in database
- No encryption
- This module: Auto-deletes, encrypted
Email/external tools:
- Customers won't use them
- Disrupts workflow
- Credentials still end up in tickets
- This module: Integrated, seamless
Separate secure portal:
- Too complex
- Poor adoption
- Extra system to maintain
- This module: Built into WHMCS
File attachments:
- Not encrypted
- Remains in WHMCS storage
- No access control
- This module: Encrypted, controlled, auto-deleted
Technical Specifications
Requirements:
- WHMCS 8.9+
- PHP 8.1+
- MySQL 5.7+
File Structure:
modules/addons/secure_ticket_data/
├── secure_ticket_data.php    Main module
├── hooks.php                 WHMCS hooks
├── encryption.php            Encryption functions
├── license.php               License validation
└── lang/                     8 language files
Security:
- AES-256-CBC encryption
- Secure key generation
- Access logging
- Role-based permissions
Performance:
- On-demand encryption/decryption
- Minimal database overhead
- No ticket listing impact
- Ajax interface
Support
Purchase: ArkHost Store
Before contacting support:
- Check module activated
- Verify admin permissions configured
- Review WHMCS activity log
- Test with full administrator account
When reporting issues:
- WHMCS version
- PHP version
- Module version
- Error from activity log
- Steps to reproduce