Results 1 to 37 of 37

Thread: How is Blesta?

  1. #1
    Join Date
    Mar 2012
    Location
    Dhaka, Bangladesh.
    Posts
    300

    How is Blesta?

    i saw there is another billing software like whmcs called blesta. how is it? can you pls give any host url that using this software.

  2. #2
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Hello, they are using the basic template (Which comes with it, it's a white and orange normally, however they've edited the colour to make the links blue. Url: http://www.captainhost.net/pier/

    Another default template edit: https://inertianetworks.com/i/ & https://inertianetworks.com/i/plugin...n/index/shared.

    They need to fix their currencies settings to remove the double USD.

  3. #3
    Join Date
    Mar 2003
    Location
    Canada
    Posts
    8,910
    Blesta is good.

    We use it for our security auditing business to handle invoices. No other software was even considered. The developers write clean code and the product is obviously very secure in our opinion, which is why we decided to use it. Might not have as many features or order form templates than the other billing panels, but it should be fine for the 'average' host.
    Patrick William | RACK911 Labs | Software Security Auditing
    400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com

    www.HostingSecList.com - Security notices for the hosting community.

  4. #4
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,951
    Anyone else bothered by the oddly long URLs it uses?

    Examples:
    /i/plugin/order/main/index/shared
    /customers/plugin/support_manager/client_tickets/add/
    Having problems, or maybe questions about WHT? Head over to the help desk!

  5. #5
    Join Date
    Oct 2012
    Location
    Portugal - My Paradise
    Posts
    224
    We bought a license before the new release, but we sold it again.
    is extremely basic and lacking in resources.
    And yes, I consider, the best choice for developers because Blesta is 99% opensource.

    But these developers also has a major flaw. Since it was launched, yet did nothing more than to fix bugs. Each version is released to fix bugs
    ▄▀▄ Offshore Dedicated Servers
    ▄▀▄ Keep your privacy!
    ▄▀▄ Europe Servers with DDoS Protection
    ▄▀▄ www.evoluso.com / [email protected] / SKYPE: evoluso.com

  6. #6
    Join Date
    Oct 2012
    Location
    Portugal - My Paradise
    Posts
    224
    Quote Originally Posted by bear View Post
    Anyone else bothered by the oddly long URLs it uses?

    Examples:
    /i/plugin/order/main/index/shared
    /customers/plugin/support_manager/client_tickets/add/
    Extremely stupid for a visitor to see a url with words like "plugin"
    ▄▀▄ Offshore Dedicated Servers
    ▄▀▄ Keep your privacy!
    ▄▀▄ Europe Servers with DDoS Protection
    ▄▀▄ www.evoluso.com / [email protected] / SKYPE: evoluso.com

  7. #7
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by bear View Post
    Anyone else bothered by the oddly long URLs it uses?

    Examples:
    /i/plugin/order/main/index/shared
    /customers/plugin/support_manager/client_tickets/add/
    I'm not, and not had any customer complain, however I can't answer for others, there was a thread about in the support forums.

    Quote Originally Posted by Gualter View Post
    Extremely stupid for a visitor to see a url with words like "plugin"
    You can edit them via the routes file which Tyson mentioned in the thread in the support forums.

  8. #8
    Join Date
    May 2013
    Location
    India
    Posts
    748
    We are not a hosting company, but we use blesta and it is working fine for us so far. There is not as much options you have with WHMCS; still it is simple and comprises of many useful features. The interface is tidy and it looks nice and very easy to integrate with your website. It says to be more secure based on the limited / controlled feature list. Its support module isn't good though.
    Last edited by nixtree; 12-19-2013 at 09:00 AM.

  9. #9
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by nixtree View Post
    We are not a hosting company, but we use blesta and it is working fine for us so far. There is not as much options you have with WHMCS; still it is simple comprises of many useful features. The interface is tidy and it looks nice and very easy to integrate with your website. It says to be more secure based on the limited / controlled feature list. Its support module isn't good though.
    A few good changes in 3.1 hopefully will improve it for you, like support staff titles.

    I didn't know however until Paul told me that you can use Markup on tickets.

    ## Header2 *italic* **Bold** etc.

  10. #10
    Join Date
    May 2013
    Location
    India
    Posts
    748
    Quote Originally Posted by CW Mike View Post
    A few good changes in 3.1 hopefully will improve it for you, like support staff titles.

    I didn't know however until Paul told me that you can use Markup on tickets.

    ## Header2 *italic* **Bold** etc.
    Thanks Mike..anyway we migrated our support module to Kayako

    And to the world, we bought the Blesta license from Mike - he's a very good guy and he provides good support as well..!

  11. #11
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by nixtree View Post
    Thanks Mike..anyway we migrated our support module to Kayako
    Yeah, I think Kayako is amazing but they've got not a integration yet.

    Quote Originally Posted by nixtree View Post
    And to the world, we bought the Blesta license from Mike - he's a very good guy and he provides good support as well..!
    Thanks for the review Nibin, glad your enjoying your service and support.

  12. #12
    Join Date
    Dec 2013
    Posts
    34
    If you need something like invoicing then blesta is good, but if you are running hosting biz blesta is bad choice.

  13. #13
    Join Date
    Jan 2006
    Location
    127.0.0.1
    Posts
    681
    It's funny how when WHMCS was going through its little phase of daily security exploits that everyone was frantically looking for alternative solutions out of anger and frustration. Even I was looking for an alternative solution but wasn't going to make a quick decision to switch to a product that didn't fit our needs.

    After seeing reviews from people who did made this mistake, and seeing the high number of Blesta licenses for sale... I'm glad we did not switch. Blesta still needs more time in the oven.

    However the fact that @Patrick put his reputation on the line for the product is a good thing, security wise.

  14. #14
    I am doing various blesta customizations for clients, and its easy when comparef to whmcs bcoz bleta is 99 percentage open source.

    Its code looks like addressed common security attacks. From my knowledge I would like to say blesta is a great alternative.
    The coder.

  15. #15
    Join Date
    Feb 2006
    Location
    Kepler 62f
    Posts
    14,877
    I'm kind of peeved that the prorated billing isn't there yet. Lots of people want this, but the Blesta crew is dragged its feet. It's shouldn't be hard to add.
    || Need a good host?
    || See my Suggested Hosts List || Editorial: EIG/Site5/Arvixe/Hostgator Alternatives
    ||

  16. #16
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by kpmedia View Post
    I'm kind of peeved that the prorated billing isn't there yet. Lots of people want this, but the Blesta crew is dragged its feet. It's shouldn't be hard to add.
    I'll let you know what I know, it will be included in 3.2 and they are making it easy to set-up and work for everyone.


    Quote Originally Posted by Eased View Post
    It's funny how when WHMCS was going through its little phase of daily security exploits that everyone was frantically looking for alternative solutions out of anger and frustration. Even I was looking for an alternative solution but wasn't going to make a quick decision to switch to a product that didn't fit our needs.

    After seeing reviews from people who did made this mistake, and seeing the high number of Blesta licenses for sale... I'm glad we did not switch. Blesta still needs more time in the oven.
    I believe people bought them cheap to make money on them. Buy it at $99 promotion price, sell them for x2 or more when the 30% promotion is finished.
    Last edited by Licensecart-Mike; 12-19-2013 at 01:38 PM.

  17. #17
    Join Date
    Dec 2012
    Location
    localhost
    Posts
    294
    Quote Originally Posted by CW Mike View Post
    They need to fix their currencies settings to remove the double USD.
    Whoops!

    Thanks for the help

  18. #18
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by Inertia Networks View Post
    Whoops!

    Thanks for the help
    You're welcome

  19. #19
    Join Date
    Feb 2006
    Location
    Kepler 62f
    Posts
    14,877
    Quote Originally Posted by CW Mike View Post
    I'll let you know what I know, it will be included in 3.2 and they are making it easy to set-up and work for everyone.
    Is 3.1 even out yet? So 3.2 will be released... ?
    || Need a good host?
    || See my Suggested Hosts List || Editorial: EIG/Site5/Arvixe/Hostgator Alternatives
    ||

  20. #20
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,951
    Quote Originally Posted by CW Mike View Post
    Buy it at $99 promotion price, sell them for x2 or more when the 30% promotion is finished.
    I see them selling here (not specifically sold, but selling) at around $130 or so. That's not 2x or more than $99.

    In addition, the current full price is $175 on the site, itself not twice $99.
    Having problems, or maybe questions about WHT? Head over to the help desk!

  21. #21
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by kpmedia View Post
    Is 3.1 even out yet? So 3.2 will be released... ?
    If you've bought Blesta direct from them, you should be able to see the Blesta 3.1 forums, the Beta for 3.1 is out sometime this week 19th - 24th I believe. They are just finishing up.


    Quote Originally Posted by bear View Post
    I see them selling here (not specifically sold, but selling) at around $130 or so. That's not 2x or more than $99.

    In addition, the current full price is $175 on the site, itself not twice $99.
    Yeah on WHT most of them are at a reasonable price on Blesta forums some are looking for $185 - $249

    http://www.blesta.com/forums/index.p...r-sale-blesta/

    And another thread in the lounge forum.

  22. #22
    Join Date
    Feb 2006
    Location
    Kepler 62f
    Posts
    14,877
    Quote Originally Posted by CW Mike View Post
    If you've bought Blesta direct from them, you should be able to see the Blesta 3.1 forums, the Beta for 3.1 is out sometime this week 19th - 24th I believe. They are just finishing up.
    Any ETA of 3.2 from them? And yes, I bought it directly.
    || Need a good host?
    || See my Suggested Hosts List || Editorial: EIG/Site5/Arvixe/Hostgator Alternatives
    ||

  23. #23
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by kpmedia View Post
    Any ETA of 3.2 from them? And yes, I bought it directly.
    They don't have a ETA on 3.2 as they've just completed 3.1, should get it after the QA has finished.

  24. #24
    Join Date
    Apr 2009
    Location
    New York City
    Posts
    5,054
    Its a new billing system that is becoming more and more known day by day. It's a good piece of software at a decent price. It's well organized and it's a lot more secured than whmcs. It's features are amazing that the interface is nice . It makes billing your clients and providing shared services much easier.

  25. #25
    Join Date
    Feb 2004
    Location
    Toronto, ON, Canada
    Posts
    1,443
    At the current state of Blesta is still very bare.

    I visit their forums often to see if there is anything new released and like other poster have said it just need more time.

    Function wise it is still lacking some basic features even an average host would need.

    You can always throw in the argument of "not everybody needs hundreds of modules" but having just bare minimal modules is not a suitable solution for many.
    VimHost█ Providing Web Hosting since 2003: 13 Years of Dedication to our customers ~ Premium Hosting in Canada
    Email Hosting | RTMP Hosting | FFMPEG Hosting

  26. #26
    Join Date
    Mar 2009
    Location
    Turkey
    Posts
    45
    Usa And Turkey based Shared, Reseller Hosting, VPS www.karincahosting.com

  27. #27
    Join Date
    Jul 2005
    Location
    In the Internets
    Posts
    3,622
    Funny, when there's a WHMCS security issue, people go crazy. When there's a Blesta security issue, you hardly hear about it.

    ** Security Update Issued
    ------------------------------------------------------------
    An update for Blesta was just released to address two security vulnerabilities and it is recommended that you update as soon as possible.

    * [CORE-931] - Security: XSS vulnerability in client payment process
    * [CORE-932] - Security: Potential XSS vulnerabilities in use of Html::concat()
    Last edited by stablehost; 12-20-2013 at 06:56 PM.

  28. #28
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by stablehost View Post
    Funny, when there's a WHMCS security issue, people go crazy. When there's a Blesta security issue, you hardly hear about it.

    Doesn't even look like it's in their CHANGELOG. This is what we received from Rack911

    --

    ** Security Update Issued
    ------------------------------------------------------------
    An update for Blesta was just released to address two security vulnerabilities and it is recommended that you update as soon as possible.

    http://hostingseclist.us3.list-manag...6&e=8984051e46
    * [CORE-931] - Security: XSS vulnerability in client payment process
    * [CORE-932] - Security: Potential XSS vulnerabilities in use of Html::concat()
    Probably because of:

    1. They aren't as bad as WHMCS's vulnerabilities which could result in your system being accessed.

    2. It's not been made public as it was found from a security expert or the Blesta team themselves.

  29. #29
    Join Date
    Jul 2005
    Location
    In the Internets
    Posts
    3,622
    Quote Originally Posted by CW Mike View Post
    Probably because of:

    1. They aren't as bad as WHMCS's vulnerabilities which could result in your system being accessed.
    You don't think XSS issues are serious?

  30. #30
    Join Date
    Jul 2010
    Location
    Bogotá, Colombia.
    Posts
    368
    Quote Originally Posted by stablehost View Post
    Funny, when there's a WHMCS security issue, people go crazy. When there's a Blesta security issue, you hardly hear about it.

    ** Security Update Issued
    ------------------------------------------------------------
    An update for Blesta was just released to address two security vulnerabilities and it is recommended that you update as soon as possible.

    * [CORE-931] - Security: XSS vulnerability in client payment process
    * [CORE-932] - Security: Potential XSS vulnerabilities in use of Html::concat()
    Maybe those issues were found internally and not made public prior to the patch...

  31. #31
    Join Date
    May 2003
    Location
    California, USA, Earth
    Posts
    1,049
    Quote Originally Posted by stablehost View Post
    Funny, when there's a WHMCS security issue, people go crazy. When there's a Blesta security issue, you hardly hear about it.

    ** Security Update Issued
    ------------------------------------------------------------
    An update for Blesta was just released to address two security vulnerabilities and it is recommended that you update as soon as possible.

    * [CORE-931] - Security: XSS vulnerability in client payment process
    * [CORE-932] - Security: Potential XSS vulnerabilities in use of Html::concat()
    The issue reported to us didn't appear to be actually exploitable. The other 2 we found. Nothing in the wild. It would be so easy to silently patch things, but we don't sweep anything under the rug.

    Rack911 got on that quick. Awesome. Everyone should subscribe to their lists.
    Blesta - Professional Billing Software
    Innovation that benefits the user experience
    Trial - Demo | 866.478.7567 | Twitter @blesta

  32. #32
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by stablehost View Post
    You don't think XSS issues are serious?
    Would you rather have a XSS issue which can't damage anything serious or would you rather have a issue which allows someone to gain access to your administration area, download backups, download client information, even delete everything via mysql injections or changing files through a link?

    Also the XSS couldn't allow anyone to gain admin access. So yes I don't think it is serious.

  33. #33
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,951
    Quote Originally Posted by CW Mike View Post
    Would you rather have a XSS issue which can't damage anything serious
    You may wish to read up on XSS.
    Having problems, or maybe questions about WHT? Head over to the help desk!

  34. #34
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,387
    Quote Originally Posted by bear View Post
    You may wish to read up on XSS.
    I know they are both as bad, security wise like a billing system allowed admin access via a XSS, however these aren't high risk like many other systems.

    https://www.owasp.org/index.php/Top_10_2010-Main

    Open Web Application Security Project believe Injection(s) is the top risk (So I believe injection is a higher risk than a small harmless(ish) xss and it isn't as bad as a Mysql injection)... which other systems have had exploits for which are in the wild.

  35. #35
    Join Date
    Oct 2002
    Location
    State of Disbelief
    Posts
    22,951
    If someone hijacked an admin session (for instance), they have access to it all; logins, admin users, servers and so on. Someone using an injection to reveal admin users/emails/passwords (as in the October WHMCS issue) does less in that incarnation. It's foolish to downplay any such security issues as not being as bad, when they are, just in different ways.

    What matters is if they're fixed, how quickly, and how well.
    Both Blesta and Hostbill seem to be dealing with these strikingly fast, and I'm not seeing complaints about things breaking. Good job, them.
    Having problems, or maybe questions about WHT? Head over to the help desk!

  36. #36
    Join Date
    Mar 2013
    Posts
    837
    Quote Originally Posted by bear View Post
    If someone hijacked an admin session (for instance), they have access to it all; logins, admin users, servers and so on. Someone using an injection to reveal admin users/emails/passwords (as in the October WHMCS issue) does less in that incarnation. It's foolish to downplay any such security issues as not being as bad, when they are, just in different ways.

    What matters is if they're fixed, how quickly, and how well.
    Both Blesta and Hostbill seem to be dealing with these strikingly fast, and I'm not seeing complaints about things breaking. Good job, them.
    What bear said is how I feel. If a company is reporting what they are fixing internally it should not be held against them when it is done in way Hostbill and Blesta has been working on it. I recall a prior thread where it was stated that all software has vulnerabilities and I agree with that statement. The trick is actually, when you have a software company that works hard to actually find and fix the exploits before the exploit is used or becomes public.

  37. #37
    Quote Originally Posted by CW Mike View Post
    I'm not, and not had any customer complain, however I can't answer for others, there was a thread about in the support forums.



    You can edit them via the routes file which Tyson mentioned in the thread in the support forums.
    Got a link for that? My Google-fu is not showing me results relevant to that.

    Er... never mind. Searching directly in the forums revealed the answer.

    It's here for anyone else wondering: http://www.blesta.com/forums/index.p...-shorter-urls/
    ★ Ramon Reyes @ EidolonHost
    ★ Blesta and InterWorx Reseller. See WebHost Licenses for details.
    ★ We have Let's Encrypt Support

Similar Threads

  1. Replies: 0
    Last Post: 11-04-2013, 08:59 PM
  2. Replies: 0
    Last Post: 10-04-2013, 04:35 PM
  3. Replies: 1
    Last Post: 09-04-2013, 02:59 PM
  4. blesta
    By selbach in forum Hosting Software and Control Panels
    Replies: 5
    Last Post: 10-06-2009, 09:16 AM
  5. Any one using Blesta?
    By leanfarrell in forum Hosting Software and Control Panels
    Replies: 0
    Last Post: 09-24-2009, 10:26 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •