Page 1 of 2 12 LastLast
Results 1 to 40 of 44
  1. #1

    Is blesta more secure than whmcs?

    Recent WHMCS Security issues reported is dangerous, and want to shut it down, till they release patched version or found an alternative.

    Use blesta or
    shut down whmcs and wait for new release of whmcs? What will be good option?

  2. #2
    Join Date
    Mar 2003
    Location
    WebHostingTalk
    Posts
    16,960
    Nothing is more secure. Only thing you can do is to secure the server before it reached the software :-)
    Specially 4 You
    .
    JoneSolutions.Com ( Jones.Solutions ) is on the net 24/7 providing stable and reliable web hosting solutions and services since 2001

  3. #3
    But the whmcs has a lot of code vulnerabilities. even if you secure your server, hacker can exploit it and stole valuable information.

  4. #4
    Join Date
    Mar 2013
    Posts
    837
    Quote Originally Posted by webexperts View Post
    Recent WHMCS Security issues reported is dangerous, and want to shut it down, till they release patched version or found an alternative.

    Use blesta or
    shut down whmcs and wait for new release of whmcs? What will be good option?
    While I will clearly state that no software is without vulnerabilities. I do believe overall Blesta is more secure then WHMCS simply because of the precautions I have seen them take with every content patch.

  5. #5
    Quote Originally Posted by webexperts View Post
    But the whmcs has a lot of code vulnerabilities. even if you secure your server, hacker can exploit it and stole valuable information.
    That's true but the vulnerability like SQL injection, XSS can be prevented at server level. Most of the critical vulnerabilities are based on SQL injection.
    || Web Hosting Blog - Web Hosting security & latest web hosting industry Announcements
    || Web Hosting Discussion - A Web Hosting community

  6. #6
    Join Date
    Jun 2011
    Posts
    2,286
    It's also worth noting that WHMCS has a LOT more users than Blesta. The bigger/more well known a software package is, the more likely that vulnerabilities are to be found. There will be more people probing the software looking for flaws in WHMCS, than there will Blesta.

  7. #7
    I agree that whmcs has a lot more users than blesta. as a result it will have more chnace to get hacked.

    See
    http://www.webhostingtalk.com/showthread.php?t=1275572

    I guess they don't want to fix issues quickly, that attitude will result in having more and bugs without any fix from them. If they have ateam on fixing issues that will help the customers.

    If they keep servere issues in pipe, that's a bad attitde. Instead they should give priority to fix it.

  8. #8
    sorry for the typo, i mean.
    If they keep severe issues in pipe, that's a bad attitde. Instead they should give priority to fix it.

  9. #9
    Join Date
    May 2013
    Location
    India
    Posts
    748
    Quote Originally Posted by Ethernet Servers View Post
    It's also worth noting that WHMCS has a LOT more users than Blesta. The bigger/more well known a software package is, the more likely that vulnerabilities are to be found. There will be more people probing the software looking for flaws in WHMCS, than there will Blesta.
    I agree....vulnerability checking and common attacks will be high for well knows applications. The userbase of WHMCS is lot more than blesta's. So likely any issue that is reported with WHMCS can be spread more faster and make more people panic

  10. #10
    @nixtree:

    I too agree with your comment. My point is they should start the work on fixing it immediately, instaed of adding it to task queue.

  11. #11
    Join Date
    May 2013
    Location
    India
    Posts
    748
    Yes, especially security patching. It is sure that delay that happens with security patching may make many of their customers to rethink and migrate. Good thing is that they have launched some kind of security auditing and offering rewards who report security holes, to them. Hopefully they can do well to protect their customers from attacks.

  12. #12
    Let's hope they will fix it quickly. developers including me will get reward if an issue is found

    One issue with blesta is, they don't have good documentation for creating modules, as we did modules, we could do it. But new developers find it difficult.

  13. #13
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    8,910
    Quote Originally Posted by Korean View Post
    Any body who says it is more secure is wrong. Still you do not know. You have to wait and see
    Blesta has very clean code and it is statistically speaking, more secure than every other billing system currently on the market.

    We went heavily over the product and couldn't find anything worthwhile. Friends of ours who have another established auditing firm also went over it and could only find some low level XSS vulnerabilities. If there is something in Blesta, it's extremely obscure and a lot of very bright minds were not able to pick up on it.
    Patrick William | RACK911 Labs | Software Security Auditing
    400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com

    www.HostingSecList.com - Security notices for the hosting community.

  14. #14
    @Patrick:
    What you think is the best way to prevent xss attacks? How blesta prevent it?

  15. #15
    Join Date
    Nov 2011
    Location
    Harrisburg, PA
    Posts
    2,073
    This question is kind of like asking "which is more secure, a screen door or an all-steel storm door?". The answer is that the storm door has fewer inherent vulnerabilities than the screen door (a box cutter can slice through a screen door, but not a storm door). And the storm door has a stronger frame and can theoretically absorb more abuse before giving in. So yes, strictly speaking, that all-steel storm door is technically more secure.

    But if your door frame is made of rotting wood, neither door is secure. A good swift kick or two will open either one. And how about your windows? Are they shatter proof? Do they have iron bars over them? What kind of exterior walls do you have? Cinder block walls can be knocked through fairly easily. Do you have an alarm system to alert you to tampering? Do you have an armed guard on the premises to defend against intruders? What's your policy on handing out keys? Do you ever change the lock?

    It's the same with billing systems. Neither system is secure if your root password is "Password1", or if an OS-level update allows a security breach, or if a renegade employee has access, or if there's a man-in-the-middle attack between you and the server, or any one of a dozen of other things.

    The billing system is only one part of your platform. You have to do some work to keep the rest of it secure. Just having a secure billing system by itself isn't enough to keep you safe.

    That being said, if all else is equal and you have an overall secure platform, your odds of getting hit by an exploit are higher if you're running WHMCS than if you're running Blesta. I'm saying this based on the number of security patches each has had over the past 18 months, and the opinion of people far smarter and more skilled than myself (see Patrick's comment above) who say that Blesta's code appears to be well-written and relatively secure.

    TL/DR: Any application is only as secure as the platform on which it runs.
    Fresh Roasted Hosting :: High-performance Harrisburg web hosting since 2012!
    "The only thing better than the world's best customer service is never needing them in the first place."
    Shared :: VPS :: Reseller :: Dedicated :: Co-Location :: SSL Certificates

  16. #16
    Join Date
    Jan 2003
    Location
    Canada
    Posts
    2,125
    You guys are making the answer far more complicated than it is. The answer is plain and simple, yes. 100% yes blesta is more secure. Whmcs has sloppy code end of story. It doesn't matter if you can block them at a server level - they exist and tat's that. The fact that they exist make it a less secure script.
    █ █ █

  17. #17
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    Quote Originally Posted by net View Post
    Nothing is more secure. Only thing you can do is to secure the server before it reached the software :-)
    Of course things are 'more secure'.
    • Properly designed code is more secure
    • Moving things to where they aren't normally is more secure (albeit security by obscurity)
    • Setting proper permissions is more secure



    Quote Originally Posted by Ethernet Servers View Post
    The bigger/more well known a software package is, the more likely that vulnerabilities are to be found.
    While this is slightly true, it's not always the case, and it's certainly not the only factor here.

    Is blesta 'more secure' than WHMCS?
    Looking at reported vulnerabilities and history, yes.
    Looking at the code for said vulnerabilities, and, again, history, yes.
    Last edited by whmcsguru; 11-01-2013 at 10:57 AM.
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  18. #18

    Re: Is blesta more secure than whmcs?

    I too have above opinion, if code is bad there is no use in making yhe server secure. If an upload folder has 777 permission and if extension is not checking when uploading file, anybpdy can upload php script and read allinfo. Just an example. In this csse even if ur server is secure, ur data will be stolen.
    The coder.

  19. #19
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,951
    Quote Originally Posted by Ethernet Servers
    It's also worth noting that WHMCS has a LOT more users than Blesta.
    Quote Originally Posted by twhiting9275 View Post
    While this is slightly true
    Slightly true? Based on what is Blesta anywhere near the same amount of users?
    Having problems, or maybe questions about WHT? Head over to the help desk!

  20. #20
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    Quote Originally Posted by bear View Post
    Slightly true?
    Yeah, yeah, misquoted the post. Fixed
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  21. #21
    Join Date
    Sep 2002
    Location
    Top Secret
    Posts
    11,686
    Quote Originally Posted by webexperts View Post
    if code is bad there is no use in making yhe server secure.
    Now, now, I wouldn't go that far
    WHMCS is as insecure as it gets (again, going by history, nothing else), but there are steps you can take to secure even the most insecure bits of software, such as (using the WHMCS example):
    moving the download directory
    renaming the admin directory
    moving the templates_c directory
    locking down what attachments can be added (or just removing them altogether)
    encrypting your config files (just make sure you have a backup )

    There's lots you CAN do with even the most insecure software
    WHMCS Guru - WHMCS addons, management, support and more.
    WHMCS Notifications Extended - Add slack, hipchat, SMS, pushover to WHMCS !!
    Always looking for Linux, WHMCS, Support Desk work. PM for details

  22. #22
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    8,910
    Quote Originally Posted by webexperts View Post
    I too have above opinion, if code is bad there is no use in making yhe server secure. If an upload folder has 777 permission and if extension is not checking when uploading file, anybpdy can upload php script and read allinfo. Just an example. In this csse even if ur server is secure, ur data will be stolen.
    A well thought out mod_security rule list will block 90+% of all SQL injections (mostly) protecting you from bad code in web applications. Is that how it should be? No, but you know what? It's better than nothing.

    With the exception of the last WHMCS zero day, even the default Atomic Rules would have blocked the exploits. The exception being the ability to view other users invoices, however, furthering the attack into SQLi would have been mitigated.

    Regardless of whether you're running very clean code or arguably bad code in your web applications, you still need a solid security setup for the server. You can never go too easy on security.
    Patrick William | RACK911 Labs | Software Security Auditing
    400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com

    www.HostingSecList.com - Security notices for the hosting community.

  23. #23

    Re: Is blesta more secure than whmcs?

    Evem though I like blesta, I must say many people never hesred about blesta. But iguess it will get more popular soon.
    The coder.

  24. #24
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,294
    Blesta has been around for a while, they just now are gaining popularity.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  25. #25
    Join Date
    Sep 2008
    Posts
    87
    Doesn't Blesta have less overall features and modules then WHMCS? If the answer is yes, then it would stand to reason much more development will be done to add those features and modules. As new things are added, you have the chance of introducting new vulnerabilities. So, it may be secure now (to everyone's knowledge), but as it grows, security issues can happen. Any piece of software is that way...

  26. #26
    Join Date
    Feb 2004
    Location
    Toronto, ON, Canada
    Posts
    1,443
    This is how I feel about the Blesta situation too.

    Quote Originally Posted by SeanCP View Post
    Doesn't Blesta have less overall features and modules then WHMCS? If the answer is yes, then it would stand to reason much more development will be done to add those features and modules. As new things are added, you have the chance of introducting new vulnerabilities. So, it may be secure now (to everyone's knowledge), but as it grows, security issues can happen. Any piece of software is that way...

  27. #27
    time will tell
    Thank you (Just in case I forget)

  28. #28
    Quote Originally Posted by webexperts View Post
    Evem though I like blesta, I must say many people never hesred about blesta. But iguess it will get more popular soon.
    I am using blesta at the moment.Some of the downside I have notice already. No video tutorials and support is slow I must admit I am not the most patience person in the world and I don't know if Phil is answering all support request on his own.But if he had video tutorials in place I would stop sending him a lot less support tickets.

  29. #29
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by Ninjapanther-Greg View Post
    I am using blesta at the moment.Some of the downside I have notice already. No video tutorials and support is slow I must admit I am not the most patience person in the world and I don't know if Phil is answering all support request on his own.But if he had video tutorials in place I would stop sending him a lot less support tickets.
    Video tuts: http://videos.blesta.com/ The reason I was so hyped when I got Blesta 2.5, waiting for the v3 Beta. PS: Are you talking about Paul?

  30. #30
    Quote Originally Posted by CW Mike View Post
    Video tuts: http://videos.blesta.com/ The reason I was so hyped when I got Blesta 2.5, waiting for the v3 Beta. PS: Are you talking about Paul?
    Paul yes!!!

  31. #31
    Quote Originally Posted by CW Mike View Post
    Video tuts: http://videos.blesta.com/ The reason I was so hyped when I got Blesta 2.5, waiting for the v3 Beta. PS: Are you talking about Paul?
    Thanks mike that makes my life a lot easier.

  32. #32
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by Ninjapanther-Greg View Post
    Thanks mike that makes my life a lot easier.
    No problem, I was watching them 24/7 when I was waiting for the Beta period to open to the public. Yes I'm sad lol watching them all day waiting for the moment to play with it myself.

  33. #33
    Join Date
    Mar 2013
    Posts
    837
    Quote Originally Posted by CW Mike View Post
    Video tuts: http://videos.blesta.com/ The reason I was so hyped when I got Blesta 2.5, waiting for the v3 Beta. PS: Are you talking about Paul?
    Hmm, seems paul has added a few whole additional page of videos then the last time I checked.

  34. #34

    * yeah... really?

    Blesta do not keep a lot in the logs, and do not output all requests to apache. I understand there is a protection against sql injections in Blesta. But how can you tell a software is secure if you just cannot say if yes or no your server is hacked? Don't think you will see variables in the url telling you more about what's happening. Unless you know how to tcpdump ssl connections, you won't be able to tell if you are hacked or no).

    The variables are hidden in get requests unless you are using the API and build your own external interface : there is no way to tell what's been posted! ( again, i understand we can ssldump / man in the middle, but decoding ssl transmission is (today) something hard with diffie-hellman key's - ssl is no longer supported by the major browsers, and not everyone know how to man in the middle)

    The API cannot be restricted on a per ip basis while even whmcs does this.

    You won't be able to provide simple things like a free domain name to your customers, unless they use a coupon code.

    By using Blesta, your customers (and the admins) will see all their products mixed with domains. Blesta doesn't make any difference between a domain name and a hosting account.

    It's always the same peoples posting on their forum since a while ago. Should you search for Blesta installations, you won't see any major provider using it. All you will find searching for "powered by blesta" is crappy (not working) installs at providers who probably don't exist / don't have any, or barely no customers.

    I would advise to take time to think about if yes or no you feel comfortable with these points before you switch over to Blesta.

    Saying it's more secure because they are using a framework may be correct, but it also depends on how they built the framework.

    I also see a lot of posts that seems to be fake on wht about this script.

    I am not saying it's not good. The answer to this question depends on what you are looking for.

    I think major improvements are required before Blesta can be considered as a serious and secure alternative.
    Last edited by markgrowls; 08-01-2015 at 04:26 AM.

  35. #35
    Join Date
    Dec 2004
    Posts
    109
    Quote Originally Posted by markgrowls View Post
    Blesta do not keep a lot in the logs, and do not output all requests to apache. I understand there is a protection against sql injections in Blesta. But how can you tell a software is secure if you just cannot say if yes or no your server is hacked? Don't think you will see variables in the url telling you more about what's happening. Unless you know how to tcpdump ssl connections, you won't be able to tell if you are hacked or no).

    The variables are hidden in get requests unless you are using the API and build your own external interface : there is no way to tell what's been posted! ( again, i understand we can ssldump / man in the middle, but decoding ssl transmission is (today) something hard with diffie-hellman key's - ssl is no longer supported by the major browsers, and not everyone know how to man in the middle)

    The API cannot be restricted on a per ip basis while even whmcs does this.

    You won't be able to provide simple things like a free domain name to your customers, unless they use a coupon code.

    By using Blesta, your customers (and the admins) will see all their products mixed with domains. Blesta doesn't make any difference between a domain name and a hosting account.

    It's always the same peoples posting on their forum since a while ago. Should you search for Blesta installations, you won't see any major provider using it. All you will find searching for "powered by blesta" is crappy (not working) installs at providers who probably don't exist / don't have any, or barely no customers.

    I would advise to take time to think about if yes or no you feel comfortable with these points before you switch over to Blesta.

    Saying it's more secure because they are using a framework may be correct, but it also depends on how they built the framework.

    I also see a lot of posts that seems to be fake on wht about this script.

    I am not saying it's not good. The answer to this question depends on what you are looking for.

    I think major improvements are required before Blesta can be considered as a serious and secure alternative.
    Lol, you have only register as WHT member today to say this in two blesta posts? Seams to me its a WHMCS member

    Good for you that you dont have anything elese to say

    Any member can choose what is the best for each one, for me is blesta for outhers maybe WHMCS, I have worked with all Hosting Billing Scripts out there for several years, and blesta is the best.

  36. #36

    no i am not a whmcs supporter

    Hi,

    I tried whmcs, blesta, hostbill.

    I found no good solution at all. They all lack something.

    Blesta is great because of it's support. It's also great because it has clean code.

    There are great things with Blesta, but saying something is secure or not by reading a forum post is not a good thing.

    I am disappointed i cannot easily find out if a Blesta install is hacked or not. whmcs got it better on that side, but lacks on other sides (i.e. : suffered from many injection vulns). As per localhost.re website, there was tons of vulns on clientexec also. Hostbill had sql injection vulns in it's login.

    Nothing is really good. I am disappointed of all solutions.

    Maybe it is possible for you to tell me how i can get around this problem i have with Blesta? How can i tell for sure if i am hacked or not?

    I see other web hosts seems to use diffie hellman ciphers, so they don't do ssldump (won't decrypt the application data). I cannot use SSL v2 and SSL v3.

    I see requests made to our shopping cart, and i cannot tell exactly what's been submitted.

    I am working on the code, but it's not easy to find a way to add better logs to Blesta, to know what's been accessed, how, and by who, and using a reverse proxy means i need to disable the csrf validations everywhere.

    I'm lost. Sorry for being rude in my last post, but that's how i feel after trying it.

  37. #37
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,951
    Quote Originally Posted by qlpqlp View Post
    Lol, you have only register as WHT member today to say this in two blesta posts? Seams to me its a WHMCS member
    Does the constant fan posting of yours for Blesta mean you work there?
    I have worked with all Hosting Billing Scripts out there for several years, and blesta is the best.
    Best for you, perhaps. He's also entitled to his opinion, whatever that is, so accusations aren't needed.
    Having problems, or maybe questions about WHT? Head over to the help desk!

  38. #38
    Join Date
    May 2003
    Location
    California, USA, Earth
    Posts
    1,049
    Quote Originally Posted by markgrowls View Post
    Blesta do not keep a lot in the logs, and do not output all requests to apache. I understand there is a protection against sql injections in Blesta. But how can you tell a software is secure if you just cannot say if yes or no your server is hacked? Don't think you will see variables in the url telling you more about what's happening. Unless you know how to tcpdump ssl connections, you won't be able to tell if you are hacked or no).
    What do you mean "do not output all requests to apache"? Blesta does not implement its own web server, all requests go through your web server. If you are interested in security, you look at the track record of the software, and what security researchers say. Passing all variables as GET requests in the URL string does not make for good security. Sensitive information in the HTTP logs is a BAD idea.

    Quote Originally Posted by markgrowls View Post
    The variables are hidden in get requests unless you are using the API and build your own external interface : there is no way to tell what's been posted!
    Variables in GET requests are visible in HTTP logs. POST requests are not, and they can contain sensitive information.


    Quote Originally Posted by markgrowls View Post
    Should you search for Blesta installations, you won't see any major provider using it. All you will find searching for "powered by blesta" is crappy (not working) installs at providers who probably don't exist / don't have any, or barely no customers.
    Yes, because your google search revealed everyone who is using Blesta and nobody has an unbranded license. We are seeing a lot of growth.


    Quote Originally Posted by markgrowls View Post
    Saying it's more secure because they are using a framework may be correct, but it also depends on how they built the framework.
    The framework is minPHP, we wrote it, it's FOSS (Free Open Source Software). You can download it in its entirety on Github for free and do whatever you want with it. What you're really doing is trying to spread FUD. "It might be insecure", with no basis in fact and no examples to support your argument.


    Quote Originally Posted by markgrowls View Post
    I also see a lot of posts that seems to be fake on wht about this script.
    Examples to support your argument? (or just FUD?)

    The one I'm quoting may very well be fake, it is certainly suspicious. New user, no way to verify your identity, only 4 hit job posts. Inaccurate information, no supporting evidence.

    Also, that's a VERY serious accusation. We have never and will never encourage anyone to post here on our behalf.

    Quote Originally Posted by markgrowls View Post
    Hi,
    I am disappointed i cannot easily find out if a Blesta install is hacked or not. whmcs got it better on that side, but lacks on other sides (i.e. : suffered from many injection vulns). As per localhost.re website, there was tons of vulns on clientexec also. Hostbill had sql injection vulns in it's login.
    You cannot easily tell if any software was hacked or not if the attacker cleans up after themselves. Terrible argument. Since you mentioned it, you may have noticed that Blesta was not listed on localhost.re. It's not because the localhost.re guy did not look at Blesta, he did. Other security researchers including Rack911, and SafeOrNot also looked at Blesta. Of the 3, only SafeOrNot reported any vulnerabilities to us (2 XSS), which were promptly patched.

    So who are you exactly and what made you decide to create an account at WHT to talk about Blesta? I mean, if nobody really uses Blesta, I find it interesting that you'd go through the effort.
    Blesta - Professional Billing Software
    Innovation that benefits the user experience
    Trial - Demo | 866.478.7567 | Twitter @blesta

  39. #39
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by markgrowls View Post
    Should you search for Blesta installations, you won't see any major provider using it. All you will find searching for "powered by blesta" is crappy (not working) installs at providers who probably don't exist / don't have any, or barely no customers.
    Really before starting stuff learn the facts, because I've never heard so much rubbish in my life.
    Last edited by Licensecart-Mike; 08-01-2015 at 01:19 PM.

  40. #40
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,951
    Quote Originally Posted by markgrowls View Post
    I tried whmcs, blesta, hostbill.
    Perhaps it's time to contact us and provide something to show you've purchased all of these, so we can set some minds at ease. You may use this link: http://www.webhostingtalk.com/report.php?p=9503768
    Having problems, or maybe questions about WHT? Head over to the help desk!

Page 1 of 2 12 LastLast

Similar Threads

  1. WHMCS > Blesta Importer
    By Server Management in forum Hosting Software and Control Panels
    Replies: 9
    Last Post: 10-22-2013, 07:29 PM
  2. I Need A Blesta or WHMCS license
    By 45th Street in forum Software & Scripts Requests
    Replies: 4
    Last Post: 09-18-2013, 08:15 PM
  3. WHMCS or Blesta?
    By ExoHosting-UK in forum Hosting Software and Control Panels
    Replies: 17
    Last Post: 11-05-2012, 11:41 AM
  4. WHMCS vs Blesta
    By selbach in forum Hosting Software and Control Panels
    Replies: 33
    Last Post: 07-06-2011, 04:48 PM
  5. Blesta to WHMCS conversion
    By ZeroWebLLC in forum Hosting Software and Control Panels
    Replies: 1
    Last Post: 05-01-2010, 10:57 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •