DandyDandy

Which then checks it against the Google Maps API to ensure it is actually a valid address/street

I think the days of branded applications is a thing of the past, I'd just do away with the branded licenses trying to differentiate a product simply by having a tagline along the bottom isn't a thing nowadays people will remove it and most will just rewrite over it using a crafted .htaccess or something crazy.

Correct but most of these fraud measures can be implemented directly simply by cross checking with the information inputted at checkout there's no need to have a 3rd party service such as Maxmind for half of these features. If anyone is solely using Maxmind for fraud prevention then good luck to that.

Hi, It could be a good idea if Blesta incorporated some fraud prevention as part of there product am unsure what they currently offer on that front but like most I believe they have Maxmind integration. Maybe producing a module which offers some basic forms of cross checking would be good and certainly a hit with clients who are experiencing annoying fraud or obvious fake orders. 1) Ensure clients IP matches location of country provided (Geo-Location Method) 2) Any free email addresses which are provided as part of a order which come from a country marked on a blacklist will require preview for instance you can select from a list which countries you want to allow free email addresses to be used from such as one person using a Hotmail account from UK might be deemed less like a fraudulent order than one from a very high fraud country or you could simply have a check box which means all free email addresses are required admin preview these could be compiled from a list such as: *@gmail.com *@hotmail.com 3) Postal code matching this is where the postal code must match the country selected for instance someone trying to use a US postal code with a UK address this will be prevented and told with an output "Invalid Postal Code" 4) High risk country preview - This would be where admins can select a list of countries which orders must be previewed such as if China is selected any order coming with a country selected as China must be previewed. I don't actually know if anyone would like this but these are some basic things I just pulled off my head which can help to combat spammy/fraud orders of course it'll never be 100% effective but getting the basics will help keep the riff raff at bay.

Hi, It would be great if you could maybe consider adding a basic internal knowledgebase so any admin/staff member can view for important internal information. It doesn't need to be all the features of the world but something where you can add a basic article or information piece for techs is great maybe also a basic ACL which prevents which admins/staff can edit, remove, add articles. Knowledge Is Power

OpenVZ is container based virtualization which is stated more than once across most of there site.

Just be using the default rule set which will likely need editing for everything to play nice. Maybe if a couple of others on these boards take to using it between us all we could bring up some kind of recommended rule set which this thread or something. Debian now have Nginx + Naxsi package so it's becoming popular.

That's good to hear. Virtualmin/Webmin has a free Nginx module which allows for easier Nginx administration

Just don't use Apache that is a overkill of an overkill for one or two domains

Oh yes commonly referred to as "host hoppers" within the hosting industry. I think the importer is great considering how much work it needs to do to even move the database let alone import it as well. I think adding some type of "verbose option" to the migrator will be good as it will display in verbose output which is "real time" what it is doing and which stage it's at. Also maybe consider adding some type of "option based" menu on the migrator in the future so those with bigger databases can migrate everything but tickets over first then re-run after to migrate the tickets solely this will prevent everything being done at once and hopefully would make the migration seem a little less painful to some.

I'll be trying a true HA setup in the future with a number of virtual machines using Webmin and it's Heartbeat module. I quite like using virtual machines because there easier to re-deploy in catastrophic failure.

I've just gone back over this topic a couple of times and some of the posts are shocking me with the lack of patience and damn right rudeness some are displaying here I would like to remind people the WHMCS Migrator is still in "BETA" also seen those asking the same stuff which has been address previously I feel strongly the Blesta guys need to add a basic F.A.Q for those moving from WHMCS to Blesta.

Hi, I stumbled upon a "fun stuff" topic which the Blesta guys created showing Blesta v3 running on a Rasberry PI so this brought my mind to a light bulb moment to see what others are using to run Blesta on. I personally don't like running any billing system in a "typical" shared environment like a cPanel server for obvious reasons so I run mine using a quality VPS from a provider I know who maintains good security with good hardware as such I only get 256MB Ram with a few GB's of diskspace but this being a premium solution it does me happy as I can customize almost every aspect of the environment used. I guess as a fellow "nerd" I love getting the most BANG out of a low resource system this small VPS server currently runs a production website with the production billing system which is WHMCS along side my production ready Blesta installation (Without corporate data). It has Virtualmin/Webmin installed and Xcache but the corporate website only used that since I don't use it on the billing system as excluding the admin folder from it's usage is a nightmare so it doesn't play nice. More than anything I can confirm that Virtualmin/Webmin + Blesta will happily churn along using a 256MB Ram VPS if your prepared to get your hands dirty the most basic modification is prepping Virtualmin for a low ram environment secondly a more performance based web server such as Nginx then of course some caching. I also moved DNS offsite and disabled "bind" since this was a performance killer plus I wanted a true name server setup for a more global performance factor. The next tweak I wish to do with my current system is removing Xcache and start using APC since with this setup I can use the "apc.filters" and exclude files/directories I do not want to be cached such as the "admin" folder this should hopefully be a VERY nice setup once it's all complete but untill then am curious what others are doing

Hi, With modern day computing now going to the extremes having peace of mind and strong security in place is critical not only having Firewalls, Virus Scanners, Malware Scanners but you also need at least a basic WAF/IDS system in place since Blesta come's complete with "PHPIDS" I want to focus my time getting Blesta to work nicely with Naxsi as it stands I haven't try using them both yet but it'll be good to see just how they play and moving forward using them together along with other pieces of software to have a complete "performance protection suite" which covers you from more angles than a basic Firewall. Taken from OWASP I would like to quote this text: Before I move further and hopefully get Blesta + Naxsi running together as everyone else tried running them both? P.S I already have Blesta + Nginx running smooth which is half of the setup already completed but here is a nice article detailing the setup and installation in more details for anyone interested: https://www.axivo.com/community/threads/nginx-naxsi-firewall-setup-on-centos.206/

Which version of PHP are you using?