Rocketz

Found a developer. Good to go!

He just got back to me. I hope the various projects I have with him are back on track.

I really hate doing this but... No answer from his support desk and nothing on Skype since December 7th. What sucks is he was someone who used to be very communicative, did good work for me in the past, and now nothing, and he has my money.

I'm not on this forum constantly. Your website is offline so I can't access the Blesta tickets that contained all the custom development details, and you aren't replying to my support email. All I'm asking for is an update, and I shouldn't have to come to a forum to get them.

Paid him for some custom development over 2 months ago, and zero updates in the last month. Emailed support and nothing. Website is barely even up. Is he basically gone from the Blesta scene?

Look, I get you're a college kid, but stop acting like a child. I'm not going to entrust my billing system data and its integration with critical service providers to plugins that could be easily exploited because of cowboy coding practices. I don't trust your coding. I don't know it. There's no history there. Even your "fix" of the Digital Ocean module was a half-fix with problems. So yes, until that trust and history is built, there's absolutely no way I'll use plugins made by your or others that encode their files with no way to get a good look at their security. That's my choice. It's up to you to figure out if you want to spend that extra money to do that or not. No one's forcing you or anyone else to do it

Thanks Paul. Are there any other variables that can be used in that db table? I.e : {year} {month} or just {num}? I guess it's not that important, but good to know if i want a little bit of structure.

Client Id is used for a few things. It's also the account number. All businesses I deal with randomize the account number because its also used as authentication for them. How can i randomize client ID in blesta?

I'm used to seeing "unsecured" under the name of the customer, depending on how they opened and replied to the ticket. I don't think a confirmation link works in the end. If we're looking for security, spoofed email is too easy to do. This is what we were working towards at another company : Customized security questions. Staff can't see the answers. Can only input what the customer provides and the system says "yes, accepted" or "nope". Whitespaces and capitals were removed to avoid weird scenarios, but that's done in the backend. So in trying to keep this simple: - Customer opens via email : ask security questions, support pin, whatever. A confirmation link is not good enough - Customer opens via Blesta, but no 2FA : same thing as above - Customer opens via Blesta with 2FA : party! If you want really tight integration, the whole staff inputs pin in a box could be done in the ticket itself to save some clicks. Once it's entered, the ticket becomes "secured" and no one needs to ask for it again

Very much agree with this. How we dealt with this in another system was this way : - If a user opens a ticket from their client portal, and 2 factor is enabled : perform the request - If a user opens a ticket from the client portal, but 2FA is not enabled : ask for a support pin or security question - If a user emails in : same as above The support pin or security question is something the user sets up at order time. They cannot be changed or reset by the customer. If they need to be reset, you ask for ID before allowing the user to change them. And then of course, it was noted on the ticket how it was opened, as suggested in this thread.

1 - To fix this, it would require the module developer to also have the hosting companies install a hook on each cpanel server to relay the password back to cPanel Extended. A cool feature to be sure, but probably a decent amount of work for a free plugin. 2 - I don't understand this question. Do you mean the service is not canceled when canceling the service via the admin panel?

So i just found out today that if you perform a cancel action from the admin side, there is no popup that asks you "are you sure?". Most of the time, these popups are just annoying, but i've seen tired staff members first hand removing an entire account by mistake. I'd really like a popup to slightly slow down these actions, like cancel, schedule cancellation, etc.

2 Feature requests : 1 - Pass either the customer email, or the server admin email to WHM. That way, account-level notifications will be delivered to the right person 2 - A popup confirmation when performing a cancellation and when scheduling a cancellation from the admin side. These actions are not reversible, so a popup slowing you down a bit for this is really helpful.

I can't replicate this on cpanel extended. The service gets canceled just fine, and removed from the server

ya, i think my dev ran into this same issue. He had to create the html templates directly in the sql database. Not a work around i was very happy about

ya that's how i say everything should run. I don't want to rely on a stable browser connection to have anything done within my software. As little failure points as possible. I suppose a cool feature would allow the user to go back to a page and see the action in progress, but not actually rely on the browser to keep the process going

I can't think of a task that should rely on the browser being open to complete something. Just the logic behind it doesn't make sense to me. Is there any technical reason anything needs the browser open to continue the process?

+1 on these. Country and client ID would be great

I'm not a coder... but I asked my dev to really customize my blesta install, and he did a great job doing it without ever touching the core files. We hit some limitations (like you would on competitors), which could be overcome, but that meant overwriting core files and like you, I didn't think it was a good idea It's very secure though. I had an outside party try all the common attack vectors + whatever they had in their toolbox and no exploits to be found. So while I didn't do it myself, it does seem like Blesta's way to theme things is still secure. Btw : one thing I'd suggest is get a dev or staging license from Blesta. Have your third party theme it on that license. Run tests on it, get the code reviewed by someone else if you don't trust your dev, and when you feel good about it, move it to production.

weird. When i tried to make it cause errors, a little red box appeared on top and it said there was an error. There were no details, but at least it showed an error Maybe a firewall / timeout issue? I can't say for sure without more info. That's what usually happens to scripts who hit a CSF problem. Maybe @cyandark can chime in, and provide some log locations to see if you can find the exact error and what the script is doing.

softaculous works for me with cpanel extended. I just tested with WP. What do your error logs show?

Not a bad suggestion. What I'd do is like how when you add a new credit card as a payment method, most processors will authorize a $1 charge on it to make sure it's valid. So when adding the department, just have blesta do this in the background, with no front-end gui visible. If it checks out okay, add the department. If not, show the error.

I really think Blesta should raise the prices a little bit. Keep the same model, but for 4.0, do some math and see what 1 extra dollar per month would mean for you guys, or $10 more per year of updates. If it means being able to expand the team, or purchase others' work, it could be worth it. I'm not big on actuarial math, but i don't think any current customers would leave over a modest price increase if you showed them what that price increase will offer in return. A billing system should not be priced like a commodity. Full disclosure : this is coming from someone who's likely upgrading to lifetime license so it won't really affect me. I noticed it for the first time when it was discussed in this thread

The badge, ya. The badge works with the normal support manager, but I can't use it. It doesn't support linking services, and i don't think it does in 4.0 either. So I have to use Support Manager Pro. The badge doesn't work in the Pro plugin. Even with your addon. But it works fine with the normal support manager. I'm not sure where the problem is

I don't think custom fields will work for this though. From what I understand, custom fields will be applied to all tickets opened in a department. I don't want to create 12 different support departments. Here's an example Customer wants to migrate their site to one of our servers. We need their login, specific info etc. Now instead of replying and asking for that and doing a run-around, they would just see those fields and put that information in. Then that ticket gets sent to support or whatever. Another customer wants an SSL. We need the typical SSL info. Customer would input that in, and that info gets sent to support I feel like custom fields are only 50% of this solution