Post Installation

Contents

Now that you've successfully installed SupportPal, we recommend carrying out the following as your first steps when getting started.

Login to the Operator Panel

It is best to first log in to the operator panel and walk through the getting started guide. Further information about the various settings available can be found in the Configuration section.

Please note that the frontend (for your users) and operator panel are separate areas, your login will only work on the operator panel.


Security Hardening

There are a number of immediate steps that you can take to ensure the security of your new installation:

Ensure Pretty URLs is working

All URLs served by SupportPal should not include /index.php within them. If your URLs contain /index.php then our web server redirection rules are not enabled or are misconfigured.

Enable SSL

https ensures encrypted transport of communication between your customers and your server. A number of third-party integrations require your installation to use https. We recommend to redirect http traffic to https using web server redirects.

Please consult your web server documentation for steps on how to achieve this.

Change default operator Panel directory

Change the default operator panel URL prefix from admin to something that only your staff know. The prefix can be updated using the Settings > Admin Folder field in the operator panel.

Configure HTTP Headers

Scan your installation using https://securityheaders.com/. There are a number of headers which we suggest to enable:

Please consult your web server documentation for steps on how to configure these headers.


Verify the Cron is Running

As the cron job is used to send out emails amongst many other tasks, it is paramount that it is running successfully. You can verify it is running by going to Settings -> General -> Scheduled Tasks, the status bar will be green and all the tasks will have a recent last run time. Otherwise you should check over the configuration of the cron job, this includes ensuring the configuration for PHP CLI (usually different to the web server process) also passes the system requirements.


Public Access

By default, SupportPal expects your help desk to be available to the public.

If you intend to keep your installation private behind a firewall then you'll need to make some changes in order to ensure customers can access email attachments and more. Before proceeding with this approach though, you should be aware of its shortcomings:

If you're happy with the above shortcomings, then please follow the below steps to use SupportPal behind a firewall.

  1. Edit your MySQL configuration file:
    1. Set a sensible max_allowed_packet. Embedded images tend to use up to three times the size of the original image size, for example a 3 MB image would be 9 MB when embedded.
  2. Edit your PHP configuration file for both web server and the cron (these are usually two separate files):
    1. Set a sensible upload_max_filesize. This will prevent users/operators from uploading large files, we would recommend to keep this below 10M.
    2. Ensure post_max_size is larger than or equal to upload_max_size.
    3. Ensure memory_limit is above upload_max_filesize and post_max_size. You may wish to disable the memory_limit completely on the cron. As mentioned above, sending a 30 MB attachment via email may require ~90 MB so this can rapidly increase when there are multiple large attachments/images.
  3. Edit SupportPal settings:
    1. Browse to Settings > General > Email in the operator panel and increase/disable the Cumulative Attachment Limit.
      Any attachments which exceed the limit will not be attached. If you choose to disable the cumulative attachment limit then you must ensure you have sufficient memory on your server to handle sending large attachments. The speed of the cron job will also dramatically slow down.
    2. Browse to Settings > Tickets > General and adjust/disable the Allowed Attachment File Types to account for additional image formats (tiff, bmp, webp, etc). Otherwise the user will receive a notification saying that certain attachments / images could not be processed.
    3. Edit config/app.php and set embed_data_uri to true.
      For more information on modifying configuration files, please read: Updating Config Files