Article 13312 at 08/06/15 02:44:27 From: chris (at mark) idcnet.co.uk Subject: [coba-e:13312] Re: BQ Design Suggestion

Index: [Article Count Order] [Thread]
Date:  Sat, 14 Jun 2008 18:43:39 +0100
From:  "Chris Pelling" <chris (at mark) idcnet.co.uk>
Subject:  [coba-e:13312] Re: BQ Design Suggestion
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <00ca01c8ce46$2e698900$8b3c9b00$ (at mark) co.uk>
In-Reply-To:  <4853f49a.2a528c0a.2b0e.6dfe (at mark) mx.google.com>
References:  <4853E5D5.70702 (at mark) elirion.net> <4853f49a.2a528c0a.2b0e.6dfe (at mark) mx.google.com>
X-Mail-Count: 13312

Hi Doug,

You could use something like WHMCS or AWBS  *http://www.whmcs.com or
http://www.awbs.com* both are fairly cheap non expensive to implement.

I see that Jim is creating / created an API tool, so you could hook WHMCS or
AWBS quite easily, both give you a blank canvas to integrate hosting panels.
I know I mentioned last year on the AWBS forum about BQ, and Ernie (who I
believe is in this list) stated everything is there to do it.

Just my 2 cents.

Kind regards,

Chris Pelling
NetEarth One, Inc.
reseller.netearthone.com



-----Original Message-----
From: Doug Harvey [mailto:ohgoodiee (at mark) gmail.com] 
Sent: 14 June 2008 17:46
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:13310] Re: BQ Design Suggestion

Richard, Have a very good point there!

So what are the options for provisioning/billing?  So far, all I've run into
are way to expensive for a start-up.

Doug
 

-----Original Message-----
From: Richard Siddall [mailto:cobalt (at mark) elirion.net] 
Sent: Saturday, June 14, 2008 8:38 AM
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:13309] Re: BQ Design Suggestion

Doug Harvey wrote:
> Hi Richard. That's why I suggested the PKG idea that you could buy. I
don't
> think it's a bad idea at all. It could be made where when someone is
> installing, there would be a choice to leave it out.  I do understand that
> there would be a lot to think about as far as implementation.  But I still
> do not think it's a bad idea.
> 
> Doug
> Sleepycathosting.com

Hi Doug,

Sorry, it's still not a good idea.  It's actually a very bad idea as you 
don't want to run your billing system on the same computer that provides 
shared hosting.

Look at it this way.  You said you want to automatically switch off
hosting for people who fail to pay their bills.  Presumably you're
letting people pay by credit card.  Presumably, you keep a credit card
on file so that you can automatically bill them.  You don't want to keep
customer credit card numbers on a machine that is easily hacked such as
a shared hosting server.

You want to keep customer information on a physically secure, firewalled 
server, separate from insecure machines like shared hosting servers. 
Sure, your billing server wants to talk to your hosting servers so it 
can keep up to date with the changes your customers are making, 
provision new accounts, etc., but it can use the command line tools over 
SSH, or the web services API that Jim Scott is working on, or something 
similar.

Also, see question 1.6 on the Payment Card Industry Data Security 
Standard (PCI/DSS) self-assessment questionnaire:
> 1.6
> Is payment card account information stored in a database
> located on the internal network (not the DMZ) and protected by
> a firewall?
https://www.pcisecuritystandards.org/pdfs/pci_saq_v1-0.pdf

I hope this helps.

Regards,

	Richard Siddall