Blesta 3.3 Feature Preview - Pro Forma Invoices

July 9, 2014 | Posted by Paul

Blesta 3.3 is in active development and is coming along nicely. One of the new highly requested features is Pro Forma Invoices. Let’s take a look!

In this video I’ll walk you through the process of enabling pro forma invoices. This is the process you’ll follow after we release version 3.3, if you need to issue pro forma invoices to your clients.

That was easy!

I know what you’re thinking. It’s too simple right? You should have to tweak settings and hone your coding skills modifying files that you’ll have to change again after you upgrade. Right? Not with Blesta.

So, how does it work?

After enabling pro forma, invoices will be created as pro forma invoices. Once paid, the pro forma invoice will be converted to a standard invoice with new invoice numbering. Invoices and Pro Forma Invoices have unique numbering and formats. By default, Pro Forma Invoices will start with PROFORMA-, followed by a number, but this can be changed under “Pro Forma Invoice Format”.

Pro forma Invoice

If you’re not an EU company, chances are good you don’t need pro forma invoices. Blesta will continue to use the standard invoice format out of the box.

Blesta 3.2.1 Patch Released

June 25, 2014 | Posted by Paul

3-2-1, blast off! I couldn’t resist.

A patch has been released for Blesta that addresses bugs discovered since 3.2.0 was released. As usual, a big thanks to everyone who reported and confirmed these bugs on our forums, we appreciate your help.

You can read more information about this patch, including the release notes, on our forums at

Download 3.2.1 Patch Download 3.2.1 Full

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Interesting Stat: This is the 20th consecutive month that we’ve had one or more releases.


New Module: Multicraft

June 3, 2014 | Posted by Paul

Multicraft is popular Minecraft game server control panel, and today we announce the beta release of Multicraft for Blesta, a Blesta module.

Watch the video below, and then scroll down for more details.

Where can I get it?

Multicraft for Blesta is in beta, and available for download in the forums here. The module will be included in our next major release, version 3.3, and is compatible with Blesta 3.2+.

Download Documentation

What does it do?

The module allows the creation, cancellation, suspension, unsuspension, and management of Minecraft servers through Multicraft. Here are some of the client management features:

  • View Server Status
  • Restart Minecraft Server
  • Stop Minecraft Server
  • Start Minecraft Server
  • Set Server to Day Time
  • Set Server to Night Time
  • Set Server Name (If allowed)
  • View Connected Players
  • Kick Players
  • Server Console
  • Log in to Multicraft

Configurable Options

Aside from the many options available at the Package level, this module supports 6 configurable options as well. These can be used for customizing the checkout process, allowing customers to select options that override the Package settings. The options are:

  • user_players – Allow the owner to set the number of players in Multicraft
  • players – Allow the client to select the number of players as a quantity slider, or dropdown menu and charge per-slot
  • memory – Allow the client to select the amount of server memory as a quantity slider, or dropdown menu and charge for memory
  • daemon_id – Allow the client to select the Daemon ID, useful for offering servers in different locations, ie “Los Angeles”, “Dallas”, “Miami” which would correlate to Daemon ID’s in those locations
  • dedicated_ip – Allow the client to order a Dedicated IP address
  • jarfile – Allow the client to select the Minecraft server JAR file. For example, default Minecraft, Bukkit, Tekkit, etc.

All in all, this module is powerful and flexible. Be sure to read the documentation to get started.

Blesta 3.2: Now Available

May 14, 2014 | Posted by Paul

Three.Two is here and it includes a responsive client area and shiny new responsive order forms, all built on Bootstrap 3.1.

Download 3.2

See the documentation for details on how to install or upgrade.

What’s new in 3.2?

  • Responsive client area (Built on Bootstrap 3.1)
  • Responsive new order forms (Built on Bootsrap 3.1)
  • Clients can order addons for existing services within the client area
  • Ability to import and export staff and client area themes
  • New payment gateways, PagSeguro, PayJunction, and Skrill
  • New module, BuycPanel (Sell Licenses!)
  • New plugin, Client Documents
  • Ticket system improvements including: Auto close tickets, split tickets, and merge tickets.

And more, see the changelog!

License Manager

License Manager is a new extension for licensing your software products. It comes with a module that allows Blesta to provision new licenses, and a plugin that serves as a license server to validate those licenses.

License Manager is available to purchase for owned licenses for a one time fee of $100. To purchase, log into the client area, click the Manage button to the right of your owned license, then Addons, then the Add Addon button to order.

What’s next?

Based on your feedback, we have the following features planned for 3.3:

  • Proration
  • Proforma Invoices
  • Price Overrides

There will be more too, of course, but we are doing our best to prioritize development based on demand. Is there a feature you really want to see in a future release? Let us know on our feature requests forum!

Security Advisory – Two-Factor and Privilege Issues

May 14, 2014 | Posted by Cody

Affected Versions

Versions 3.0.0 through 3.1.3 are affected.


A user with a valid username and password may be able to properly validate two-factor authentication using TOTP by guessing the correct code. This issue is classified as a Low vulnerability. (CORE-1213)

An authenticated staff member may be able to affect settings in the system where they are otherwise prohibited via ACL restrictions, via carefully crafted HTTP POST requests under limited circumstances. This issue is classified as a Moderate vulnerability. (CORE-1163)


If you are running 3.0.x or 3.1.0 through 3.1.3 upgrade to version 3.1.4 or version 3.2.0.

Related tasks:

  1. CORE-1163
  2. CORE-1213


CORE-1163 was discovered by the Blesta Development Team. CORE-1213 was discovered by Kyle at MemoryX2.