Today our largest competitor was compromised. Their website was deleted, service interrupted, and their database was downloaded by the attackers. Many of their customers are left wondering whether their credit card numbers have been acquired, with some already contacting their banks.
We’re sad to hear about the compromise and wouldn’t wish this on anyone, even a competitor. We hope that they will quickly recover from this incident, that their customers’ personal information won’t be released publicly or used maliciously, and that the necessary precautions will be taken to lessen the likelihood of a similar re-occurance.
And while nothing is ever 100% secure, I wanted to reassure our customers that we take security seriously. We’ve never had a breach in either our software or hardware. Here are a few things we do that stand out to me in light of the issues we learned about today.
The server hosting blesta.com is not currently single role, but it has been planned for the past several weeks. In light of the issues with our competitor today, I’m fast tracking the cutover for this. Even so blesta.com’s only interaction with customer data is via a limited access API, not direct database access and it’s on a different physical machine.
We have always taken security seriously, in v2.x, and even more so in v3. It’s a two part issue though — software and hardware.. you’ve got to have a grip on both.
There’s more I could say about the things we do to protect customer data, but I’ll leave that for another post.
Just my thoughts.
Tags: secure | security
I got hit with something last week, not quite back to 100%, but almost. I hope you are faring better than me, it’s never fun being sick.
This week I wanted to show you the coupon system. Early on I assumed we would implement the coupon system as part of the order plugin. Instead we implemented the coupon system as a core feature. The reason for this was simple: The introduction of recurring coupons.
The coupon system now supports the following:
Recurring coupons were highly requested. Often times multiple packages would have to be created to bill clients custom prices. This has been resolved in two ways with v3 — recurring invoices, and recurring coupons. Massive numbers of packages are a thing of the past.
It’s now possible to have a term or quantity based promotion for the life of the service. If the coupon is recurring, Blesta will automatically apply the coupon to the invoice when the service renews. In addition to that, coupons may apply to any packages assigned to the coupon at order, or may require that all packages assigned to the coupon are ordered at the same time. (Get 10% off when ordering Bronze Hosting and a Domain Name, for example).
The video is below, as usual you can make the video full screen, and be sure to turn on your sound. I think I sound normal again. :D
Tags: blesta 3.0 | coupon | coupons | recurring | version 3
ach ACL api authentication behind the scenes blesta blesta 3 blesta 3.0 blesta v3 cli client area design developer commentary documentation encryption gateways importing invoices licensing minphp payments plugins security sql injection staff support TOTP translator v3 version 3
WP Cumulus Flash tag cloud by Roy Tanck and Luke Morton requires Flash Player 9 or better.
Blesta is a product of Phillips Data, Inc. / Email:
© 2009 Phillips Data, Inc.