Blog

Blesta 4.11 Beta Released

July 10, 2020 | Posted by Paul


We are pleased to announce that Blesta 4.11.0 BETA 1 has been released!

Can I participate in the beta?

If you have an owned or monthly license with us directly, you may download blesta-4.11.0-b1.zip in the client area now (Login Required). If you obtained your license from a reseller or distributor, you may be able to participate. Contact your reseller to find out. As with any beta, this release is for non-production use only and is unsupported. During installation, choose to start a free trial, open a ticket to request a trial key, or use your dev license if you have one.

Once you are up and running, head to the forums to report any issues and let us know what you think! If you have a license and are verified or become verified on our Discord chat, you’ll have access to a license holder only beta forum.

Visit the Beta Forums! Visit Discord Chat!

It's now possible to filter results for clients, packages, services, invoices, transactions, and tickets.

(Caption: Configuration of client cards, which appear in the client area. Plugins can create their own cards.)

So what is new in 4.11?

Blesta version 4.11 includes an affiliate system, configurable client cards, a new ISPManager module, an IP unblocker plugin, an option to force emails as usernames, and much more.

New Extensions

These extensions are new with Blesta 4.11.

  • ISPManager Module.
  • IP Unblocker Plugin (Supports cPanel and Directadmin servers running CSF).
  • Client Cards plugin (Adds service and invoice cards).

Updated Extensions

  • Order Manager updated to include a new affiliate system.
  • Order Manager updated to show order history to clients.
  • Order Manager updated to create an orders client card.
  • Import Manager updated to improve importing from WHMCS, and import of affiliate data.
  • Added Interworx support to the Auto Soft Installer Softaculous plugin.
  • Support Manager updated to allow drag and drop of attachments.
  • Support Manager updated to create a tickets client card.
  • Pterodactyl module updated to include username and password tags for welcome emails.

Changes to the Core

  • Added a new client cards system for displaying information cards on a client’s dashboard.
  • Added a forgot username option for clients.
  • Added a cancellation reason field when cancelling services.
  • Added an option to force emails as usernames.
  • Added new transaction filters.

Changes for Developers

  • Plugins can now create client cards.

Client Template Changes

  • /app/views/client/bootstrap/client_login.pdt updated
  • /app/views/client/bootstrap/client_login_forgot.pdt new
  • /app/views/client/bootstrap/client_main.pdt updated
  • /app/views/client/bootstrap/client_main_card.pdt new
  • /app/views/client/bootstrap/client_services_cancel.pdt updated
  • /app/views/client/bootstrap/client_services_serviceinfo.pdt updated

Note Regarding Hotfixes

Blesta now ships with bundled encoded files that support PHP 5.4 through PHP 7.3 out of the box. This means that you should not need to upload any hotfixes unless you are running a version of Ioncube loaders older than version 10.1. If you are running old Ioncube loaders, upgrade Ioncube or apply the following hotfix based on your PHP version:

  • PHP version >= 7.1.0 - use /hotfix-php71/blesta/
  • PHP version >= 5.6.0 and < 7.1.0 - use /hotfix-php7/blesta/
  • PHP version >= 5.4.0 and < 5.6.0 - use /hotfix-php54/blesta/

See the release notes for more details on this release.

Is there something you want to see in Blesta? Create a new feature request or upvote an existing one!

When is the final release?

Version 4.11 will be officially released after the beta phase has completed, which we expect to happen soon. Once we deem 4.11 stable for production, a final release will be issued. You can help speed things along by participating in the beta!

Blesta 4.10.2 Patch Released

June 30, 2020 | Posted by Paul


We are pleased to announce the released of Blesta 4.10.2, which addresses bugs discovered in the 4.10.0 branch. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums and discord chat, we appreciate your help!

The release notes are available at https://docs.blesta.com/display/support/4.10.2.

Always run /admin/upgrade in your browser after patching or upgrading your installation. Patch releases may only be applied to the minor release to which it belongs. Only apply the patch if you are running 4.10.0, or 4.10.1. If you are running an earlier version, you must download the full release.

Download 4.10.2 Patch Download 4.10.2 Full

SHA256 Sum

% blesta-4.10.2.zip
fbe1ec9e7467331e96ccab8a50254437d120469ff8b7a0938deb5f93ce2f402d

% blesta-4.10.0-4.10.2.zip
103dc130237a4d47f669db4cafdcadc6a0f39c7db7db6deb34242efa17f483ac

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Security Advisory - Blesta 4.10.1 Patch Released

June 10, 2020 | Posted by Paul


Blesta 4.10.1 has been released, which addresses two bugs discovered in the 4.10.0 branch, including one security issue affecting the Order Manager with an impact rating of Moderate. More information about how we rate vulnerabilities can be found on our Security Advisories page. A big thanks to everyone who participated in helping to make Blesta better by reporting and confirming bugs on our forums and discord chat, we appreciate your help!

The release notes are available at https://docs.blesta.com/display/support/4.10.1.

Always run /admin/upgrade in your browser after patching or upgrading your installation. Patch releases may only be applied to the minor release to which it belongs. Only apply the patch if you are running 4.10.0. If you are running an earlier version, you must download the full release.

Download 4.10.1 Patch Download 4.10.1 Full

SHA256 Sum

% blesta-4.10.1.zip
9065d52c3d916efe73474687d116fc2ec7673160e8f288fa6b53568a6e0267fa

% blesta-4.10.0-4.10.1.zip
b64ccf68814951441c4d716d1648687376bee29d0650774f1f14d3bb22c258db

To patch your installation, please follow the instructions for Patching an Existing Install from our user manual.

Affected Versions

All versions of the Order Manager plugin are affected.

Description

This update addresses one security concern:

  1. An XSS flaw that affects the order system under certain circumstances.

Resolution

If running 4.10.0, apply the patch for 4.10.1. If running a version earlier than 4.10.0, upgrade to the full 4.10.1 release. See below for mitigation for older supported releases.

Mitigation

It is best to upgrade to 4.10.1, however, if you are running a supported version of Blesta (version 4.6, 4.7, 4.8, or 4.9) you may overwrite the following files from the 4.10.1 patch:

  • /blesta/plugins/order/views/templates/ajax/config.pdt
  • /blesta/plugins/order/views/templates/standard/config.pdt
  • /blesta/plugins/order/views/templates/wizard/config.pdt

Credits

This item was reported by Abdellah nadi in accordance with our Responsible Disclosure Policy.

Blesta 4.10 Released

May 26, 2020 | Posted by Paul


Blesta 4.10 is now available! You can now charge late fees, filter clients, packages, invoices, services, transactions, and tickets. You can now use an internally generated captcha, adjust smart search criteria, and send an email to clients when their services are scheduled for cancellation. We also added a new Namesilo module, Cornerstone gateway, and much more!

Download 4.10

SHA256 Sum

f0b2d7982492f929b4a1942800da36c9de578bf3a80a2be918c680fe69e2ca2b

See the documentation for details on how to install or upgrade.

What’s new in 4.10?

  • Late fees.
  • Filtering options have been added for clients, packages, invoices, services, transactions, and tickets.
  • Human verification options moved to company settings and added a new internal captcha option.
  • Clients can now receive an email when their services are scheduled for cancellation.
  • Reference ID is now included in transaction searches.
  • Packages can now be deleted if they have no associated active services.
  • The language can be specified in the URL of order forms and client pages.
  • Smart search criteria can now be set.
  • Added a new Namesilo domain registration module.
  • Added a new Cornerstone payment gateway. (See docs.)

See our beta announcement for more and the release notes for everything.

A big shout out to the following companies for sponsoring development for one or more items in this release.

Sponsored development is a good way to support Blesta and get a shout out for your company! Interested? Reach out and say hello.

Stay Connected!

Like our Facebook page, join our Facebook group, follow us on Twitter, and join us in Discord.

Blesta 4.10 Beta Released

May 7, 2020 | Posted by Paul


We are pleased to announce that Blesta 4.10.0 BETA 1 has been released!

Can I participate in the beta?

If you have an owned or monthly license with us directly, you may download blesta-4.10.0-b1.zip in the client area now (Login Required). If you obtained your license from a reseller or distributor, you may be able to participate. Contact your reseller to find out. As with any beta, this release is for non-production use only and is unsupported. During installation, choose to start a free trial, open a ticket to request a trial key, or use your dev license if you have one.

Once you are up and running, head to the forums to report any issues and let us know what you think! If you have a license and are verified or become verified on our Discord chat, you’ll have access to a license holder only beta forum.

Visit the Beta Forums! Visit Discord Chat!

It's now possible to filter results for clients, packages, services, invoices, transactions, and tickets.

(Caption: Filtering Transactions. Most widgets now allow filtering by selecting the filter icon.)

So what is new in 4.10?

Blesta version 4.10 includes a new Cornerstone payment gateway, NameSilo module, support for charging late fees, filtering for most widgets, and much more.

New Extensions

These extensions are new with Blesta 4.10.

  • Namesilo Module
  • Cornerstone Payment Gateway

Updated Extensions

  • Order - The language can now be specified in the URL. (See docs.)
  • Order - Human verification for orders has been moved to Settings > Company > General > Human Verification.

Changes to the Core

  • Late fees can now be set under Settings > Company > Billing/Payment > Late Fees.
  • Filtering options have been added for Clients, Packages, Invoices, Services, Transactions, and Tickets.
  • Smart Search criteria can now be set under Settings > Company > General > Smart Search.
  • An email can now be sent to the client when a service is scheduled for cancellation.
  • Reference ID is now included in transaction searches.
  • Packages can now be deleted if they have no associated active services.
  • Added a new internally generated captcha option in addition to reCAPTCHA, and moved human verification options to company settings.

Changes for Developers

  • Widgets now support filtering options.

Client Template Changes

  • /app/views/client/bootstrap/client_invoices.pdt updated
  • /app/views/client/bootstrap/client_services.pdt updated
  • /app/views/client/bootstrap/client_transactions.pdt updated

Note Regarding Hotfixes

Blesta now ships with bundled encoded files that support PHP 5.4 through PHP 7.3 out of the box. This means that you should not need to upload any hotfixes unless you are running a version of Ioncube loaders older than version 10.1. If you are running old Ioncube loaders, upgrade Ioncube or apply the following hotfix based on your PHP version:

  • PHP version >= 7.1.0 - use /hotfix-php71/blesta/
  • PHP version >= 5.6.0 and < 7.1.0 - use /hotfix-php7/blesta/
  • PHP version >= 5.4.0 and < 5.6.0 - use /hotfix-php54/blesta/

See the release notes for more details on this release.

Is there something you want to see in Blesta? Create a new feature request or upvote an existing one!

When is the final release?

Version 4.10 will be officially released after the beta phase has completed, which we expect to happen soon. Once we deem 4.10 stable for production, a final release will be issued. You can help speed things along by participating in the beta!