The point of this project is a production ready solution for running WHMCS in docker under Traefik reverse proxy. There's already a couple other projects attempting something similar. However, they are either meant for development only, are outdated and/or not optimized to be ran under Traefik. This project complies with all of the official WHMCS security and packages recommendations that are found at "Further Security Steps" and "System Environment Guide".

This project uses Nginx instead of Apache web server, WHMCS was development with Apache in mind so few extra steps are required to achieve production ready setup. Majority of modifications have been already implemented, rest of manual modifications are covered in the guide below.

• Domain
• Valid WHMCS license

Clone repository

git clone https://github.com/EdyTheCow/docker-whmcs.git

Set correct acme.json permissions
Navigate to _base/data/traefik/ and run

sudo chmod 600 acme.json

Generate .htpasswd user and pass
Navigate to _base/data/traefik/.htpasswd and place your generated user/pass in there

Whenever you navigate to your admin area, you'll have to login with generated user and pass and then login with your WHMCS user. This basic auth is very effective against bots and endless spam in emails of failed logins.

Start docker compose
Inside of _base/compose run

docker-compose up -d

Configure Nginx default.conf
Navigate to whmcs/data/nginx/sites/default.conf and change these variable:

Place contents of WHMCS files
Navigate to whmcs/data/whmcs and place the contents of WHMCS in there

Set .env variables for WHMCS
Navigate to whmcs/compose/.env and set these variables:

Start docker compose
Inside of whmcs/compose run

docker-compose up -d

Now you can navigate to your-domain.com/install and follow the installation insturctions. Use mysql for MySQL host. User, database and password are found in whmcs/compose/.env where you configured them earlier.

After installation delete the install folder in whmcs/data/whmcs/install and follow the instruction below for additional configuration for security hardening.

Official source: docs.whmcs.com
Navigate to whmcs/data/whmcs and run

sudo chmod 400 configuration.php

Official source: docs.whmcs.com
Sometimes the URL in admin panel might be using http instead of https which may cause a warning for invalid SSL certificate. In the WHMCS panel navigate to System Setting > General Settings and make sure Domain and WHMCS System URL are using https.

Moving files above web root is a recommended practice by official WHMCS documentation. This is fairly easy to do using docker volumes. The volume whmcs_storage is used for this exact purpose, directories have been already created so all you need to do is change them in the admin panel.

Official source: docs.whmcs.com
Navigate to System Setting > Storage Settings under Configurations add listed local storage:

Navigate to Settings tab and replace tbe old paths with the newly added ones.

Official source: docs.whmcs.com
Navigate to whmcs/data/whmcs/configuration.php and add change path for $templates_compiledir to /var/www/whmcs_storage/templates_c

Official source: docs.whmcs.com
Navigate to whmcs/data/whmcs and move crons directory to whmcs/data/whmcs_storage.
Navigate to crons and edit config.php.new, inside the config uncomment the whmcspath option and set the new path to /var/www/html/.
Rename the config.php.new to config.php. Navigate to whmcs/data/whmcs/configuration.php and add this line at the bottom of the configuration $crons_dir = '/var/www/whmcs_storage/crons/';

Official source: help.whmcs.com
Setting update folder will allow you to automatically update WHMCS in the future. Similar to file storage the update folder will be located above the web root inside whmcs_storage directory. Navigate to Utilities > Update WHMCS and set the directory to /var/www/whmcs_storage/whmcs_updater_tmp_dir

• Logo created by Wob - Dribbble.com/wob
• Inspired by other similar projects fauzie/docker-whmcs, cloudlinux/kd-whmcs and darthsoup/docker-whmcs