Paul

Blesta Developers
  • Posts: 6,719
  • Days Won: 841

Everything posted by Paul

  1. The GoGetSSL module could use some improvements. Watch out for some news regarding TheSSLStore.
  2. I like the idea of an IP block. One thing I want to do that I believe we have a task for is with the PHPIDS plugin, where it could issue a "csf -d IP" command on your Blesta server to block the attacker at the firewall. In this context, are you just asking for the ability to ban specific IPs from being able to, say, place an order or log in to the client area? Can you elaborate on how you would expect this to work?
  3. Thanks for the information, I'll discuss rate limits with the team. Does anyone have a problem with mail being sent from the cron rather than from the browser? For me, I like being able to keep the window open and see the email go out when the cron starts, but not having to worry about leaving the page and interrupting the mailing.
  4. Paul

    Plesk Module Bugs

    Ok, just to clarify: You'd like the IP address field renamed to hostname? Trying to use a hostname now does not work because of an error check that expects an IP address? The Plesk module generates passwords that are considered insecure in Plesk by default. Is "Strong" the default password strength setting in Plesk? It's likely any modification to the password generation would be to simply meet the requirements that Plesk typically expects. In this case, it looks like it must be: 8 characters, contain upper and lower case letters, digits, and special characters.
  5. Please PM me the license key so I can verify that it's legit and eligible for transfer
  6. If you want to help, please do more testing. There will be more to test in beta 2, which we hope to have out really soon.
  7. As Mike mentioned, start here - https://docs.blesta.com/display/user/Migrating+to+Blesta Do a backup of your fresh Blesta install so you can restore it and re-attempt. Do a test import to start with to see if there are any issues, and make sure your Blesta cron is DISABLED. 30K clients may take a while to import.
  8. Have you enabled GeoIP? Settings > System > General > GeoIP Settings. If setup, hovering over the IP address on a client profile and other areas will show information about the IP address.
  9. It's just a difference in opinion and that's fine. We opted not to go with a heavy template engine for the reasons Tyson mentioned, because they are known to have vulnerabilities, and because they produce more overhead. That's not to say that the purpose these template engines fulfill isn't valid, I can understand certainly how the restrictions they place can be beneficial. Using smarty/twig/other wouldn't make me feel any better about giving someone I don't trust access to the templates though. If I don't trust them, I'm not even going to hire them, and if I do trust them, I'm still going to audit the code myself. They can have access to the dev environment, but never live. Fortunately with templates, it's fairly easy to spot any logic that shouldn't be in there, so not difficult to audit.
  10. If you want to delete a post, it probably shouldn't have been posted to begin with. A good rule for the future.
  11. OK, let's bring this thread back on topic. It's not fair to the OP.
  12. OK guys, this page has been updated. Please review. I made some grammar changes, etc. especially on yours @timnboys https://www.blesta.com/development/
  13. Giving someone you do not trust access to your code, via your templates or otherwise, is never a good idea. Blesta uses a template engine as part of minPHP; it just so happens it is very lightweight. If I recall, Smarty had some major security vulnerabilities which affected at least 2 of our competitors. The bottom line is, you should only install extensions or themes from sources you trust.
  14. We have no plans whatsoever to go to a per-client billing model. I just don't see that ever happening, I'm not a fan of the model. In theory it sounds great and fair, but in reality it only works for SaaS. The Lifetime license is certainly the most likely to get a price hike. Because it comes with updates forever, we have to be careful about how many we sell. That said, no company will ever say they will never raise prices. Inflation alone makes that impossible to promise. But, if you look at our record you'll see that we have never raised prices, and if we did, we certainly wouldn't raise them by 200% overnight.
  15. Very nice, some people have been asking for this.
  16. It looks like we don't use an auto response for auto closure. If you inspect the markup, what's output in the source for the image exactly?
  17. The system user would have to have an associated email address, which I think would have to be hacked in. Are you just seeing the system gravatar in the UI, for tickets that are auto-closed?
  18. I don't believe there is any email associated with the system user. What are you seeing, and what does the source look like?
  19. Looks like it's fairly new, and has a PHP 5.5+ requirement. Looks good though
  20. What do you plan to do with that information, display it to the end user? I would suggest something like "Your license is invalid. Your license may have expired or been suspended for non-payment. Please visit your account at https://my.account.com/client/login" Though, looking at the documentation, it seems to mention the following statuses: valid, invalid_location, invalid_version, suspended, expired, unknown. Did you follow the docs? Are you using the official License Manager?
  21. If the license server returns no data, can't you assume the license is invalid within your application/module/extension/etc? This sounds intentional.
  22. Paul

    Blesta 3x to 4x

    PM me your key, or if you have an account with us and paid for the support & updates that way, please open a ticket. I will get you a copy of v4 beta 1. If you are not going live for a little while, I'd suggest making any customizations to v4 to start with, it will be much easier.
  23. I expected this, but I didn't think they would move toward a per-client pricing model and drop owned licenses. People really don't like that pricing model.. but the worst part of it is this: If you use WHMCS, they know how many customers you have. They know what modules you're using. They are collecting that data. How will they use it? Maybe cPanel will market to hosting providers using WHMCS that don't yet use cPanel. If the information gets out, how will someone else use it? Something to think about.
  24. I believe it's a browser issue, not sure how we would correct it. Chrome should know the difference between a page load and an AJAX request.