• This project is currently in Beta with many ongoing changes.

• Whilst we're confident the majority of code is safe, nothing in life is 100% safe or risk-free. Writing functional, secure code is very difficult. The current fast pace of development/change may unintentionally introduce bugs/security issues. Use your best judgment before storing highly confidential information in the app. You may wish to consider running ITFlow on it's own server, using a web-app firewall, restricting access (except /portal) to trusted IP addresses, etc.

• Need to report a security issue? Check the security policy

• ITFlow comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law

A Fantastic Free and Opensource Web Hosting Control Panel https://hestiacp.com

• Install on Debian 12 without Mail, DNS and Apache (Nginx will be used instead) This will provide the most ultimate performance for ITFlow

These modules are not installed as part of the default HestiaCP Install

• Login as root:
• apt update
• apt install php-intl php-imap php-mailparse php-curl -y

1. Login to HestiaCP as admin https://host.yourdomain.ext:8083
2. Create Normal user with bash shell access - it defaults to no login
3. Logout as admin

1. Login as newly created user
2. Click Create Web Domain
3. Enter your FQDN - for example itflow.mycompany.com
4. Click Save
5. Edit the newly created Web Domain
6. Click Enable SSL for this domain and the 3 options under it should be checked as well.
   1. Use Let's Encrypt to obtain SSL certificate
   2. Enable automatic HTTPS redirection
   3. Enable HTTP Strict Transport Security (HSTS)
7. Click Save

1. Click DB
2. Click Add Database
3. Name the database
4. create username for database you can use the same name as the database name for simplicity
5. make a secure password
6. Click Save

1. Login with your new user via ssh - ssh username@host.domain.ext
2. Change to Web root Directory cd /home/[USERNAME]/web/[HOST.DOMAIN.EXT]/public_html
3. Delete HestiaCP automatic created files rm * - This will delete index.html and robots.txt
4. Install ITFlow files via git - git clone https://github.com/itflow-org/itflow.git . - Do not forget the . at the end

• Visit https://yourdomain.com

1. Log back into HestiaCP
2. Click Cron
3. Add each of the Cron Jobs in the documentation here

• Click Users > Packages > Edit Default Package
  • Set Backups to something other than the default 1 - 7 to 14 is a good practice
  • Set SSH Access from nologin to bash
• PHP Settings Default to the following - Click gear icon top right > Click on php8.2-fpm

• MariaDB Settings - Click gear icon top right > Click on mariadb

• NginX Settings - Click gear icon top right > Click on nginx

• shell_exec and exec must be enabled in Server Settings > Configure > Web Server > php-fpm
• If mailparse is listed as not installed in ITFlow - Debug and no feedback is returned when running php -m | grep mailparse, you must install mailparse for your version of PHP. E.g., apt-get install php8.2-mailparse