Leaderboard

Ah ok I didn't realise that. Well there's no problem with that at all then. Thanks for the help and advice

I Recommend @Blesta Addons they have a rock solid developement . Contact them they are ready to any challenge .

It's a nice day for the release

when we add manually invoice with tax, the tax is not saved in invoice . the same with edit a opened invoice . i use v4b6 .any one can reproduce the case? Edit ; i have found TAX was not enabled . , so it was our issue .

The System Overview widget should probably be updated to include Contact logins. Contact Login feature was added after this widget was created, so it may have been an oversight. https://requests.blesta.com

@Internetport just a quick note as well. A different process creates invoices as emails them out. So, sending email will not inhibit the creation of invoices in any way. When they are sent, they are marked as sent as they go out. So, if for some reason some do not go out due to an error or otherwise, they will be tried again later.

I suggest using a transactional email service like Mailgun for SMTP mail in Blesta. It's fast and there would no need to rate limit. The issue with rate limits is, of course, that people with a large number of recipients may not see all the email go out for a very long time. Blesta does start a new SMTP connection after a certain number of recipients as well, so this does slow it down some. I don't think we've heard from anybody that had an actual issue from too many emails. We are open to setting rate limits in the Mass Mailer plugin in a future release, but I'm curious to see how many people ask for it.

Yes, that's correct. CSRF is still enabled everywhere else.

Done and tagged as version 1.3 on Github, and will be included in 4.0 final.

The SSL Store has announced a new update regarding their API for DV verification has been changed . is Blesta has any update for his Module , or we should make the change .

Most CSRF attacks are to perform actions as an authenticated user. For example, the form that creates a new admin in Blesta would be a good target for a CSRF attack, but you'd have to be logged in and CSRF disabled for it to work. If I had to pick a page to disable CSRF for, it'd be an unauthenticated page, like the login form. It might be possible by modifying the code, I don't have an example off the top of my head for you though, and I probably wouldn't recommend changing the core. Might be a good feature request though, to be able to set where the user is directed after a log out.

I'm testing modified plesk module with two fields for IP adress ,one field ip_adress and second public_ip:adress ..should be done very soon

Thanks for this, just what I needed. I have added a hmtl front page to my blesta install that has a model login. I have made the recommend change in blesta.php... Configure::set("Blesta.csrf_bypass", array('client_login::index')); I have modified the action url for my login form as follows... <form method="post" action="https://mysite.com/client/login"> Everything is now working fine. I have 2 question. 1. Is this safe to do? obviously csrf tokens are there for a reason so is disabling them like this safe? 2. when I logout from the client area I am taken back to /client/login am able to change this behaviour so the client is taken /index on logout? Thanks everyone

I just looked Plesk documentation and in case when api request is sent to server behind NAT in field IP adress private IP should be placed and one more field public_IP_adress should be sent ...

It depends on your backup. If you follow this guide though, you should do well - https://docs.blesta.com/display/user/Moving+Blesta If your backup has all of your Blesta installation files and your MySQL database, then your backup should have all you need, but it could be a little out dated depending on when your backup was performed.

You need the moving blesta docs, just copy the blesta files over including the config files and the database.

Just want to post here that the CMS is going to have a re-write so it may be delayed hopefully not after March but this will improve how we can upgrade / improve the plugin in the future and allow us to stay on the page we are editing. Eg: If you edit a blog post you don't want to end up clicking Blog again.

I m also agree with Paul try hugo. We already start move from WordPress to hugo and its more secure and faster then WordPress.

Thanks again for the help. For anyone else that comes up against this error, its a system error not a blesta error To fix it, locate your php.ini (in my case /etc/php.ini) and uncomment date.timezone =. check here for your timezone http://php.net/manual/en/timezones.php and add in the correct one for you. example: date.timezone = "US/Central" if the line doesn't exist you can just add it. Thanks

Welcome mate give me a bell if you need me

Thank you! I think most of the remaining issues are with PHP 7. You don't like to click? If we did hover activated menus, we would have to treat them differently on mobile devices since it's not possible to hover on a phone. Well, at least the phone doesn't know you're hovering. Maybe in iPhone 8.