Configuration - Installation

Created: 2021-09-02 14:25:57 || Updated: 2022-04-18 05:11:26
  • This project is currently in Beta with many ongoing changes
  • Due to the fast pace of development, changes may unintentionally introduce security issues
  • As such, storing confidential information is not recommended at this time! Please see this page.


SSH Method
  • Install Apache, PHP, and MariaDB
  • Change directory to your webroot
  • Type: git clone https://github.com/itflow-org/itflow.git .
  • Set web owner on public web directory usually: chown -R www-data:www-data /var/www
  • Create a MySQL user & database for ITFlow to use
  • Point your browser to your Web Server: https://itflow.yourdomain.com
  • Go through the Setup Process
  • Login
  • Start inputting some data

Uploading method

  • Download the zip file from here: https://github.com/itflow-org/itflow/archive/refs/heads/master.zip
  • Using browser or SFTP client, upload and extract the archive to preferred path: /var/www/ 
  • Create a MySQL user & database through your web hosts portal (usually phpMyAdmin)
  • Point your browser to your Web Server: https://itflow.yourdomain.com
  • Go through the Setup Process
  • Login
  • Start inputting some data



Basic setup guide for Ubuntu

  • Install Apache, PHP and MariaDB
    • sudo apt update && sudo apt install apache2 php php-intl php-mysqli php-curl libapache2-mod-php mariadb-server git -y
  • For a production system, do some hardening. As a starting point:
    • sudo mysql_secure_installation
    • Setup UFW / iptables to allow traffic inbound on ports 80/443 only
  • Enable PHP
    • sudo a2enmod php7.4
      • Replace php7.4 with 8.0 if using PHP 8
  • Enable SSL module
    • sudo a2enmod ssl
  • Add your public/private HTTPs keys. You could also use LetsEncrypt, but setting this up is beyond the scope of this article.
    • Place public key at: /etc/ssl/certs/public.pem
    • Place private key at: /etc/ssl/private/private.key

  • Update the default SSL config to reflect the key locations
    • sudo nano /etc/apache2/sites-available/default-ssl.conf
      • SSLCertificateKeyFile /etc/ssl/certs/public.pem
      • SSLCertificateFile /etc/ssl/private/private.key
  • Test the config is correct
    • sudo apachectl configtest
      • Looking for "Syntax OK"
  • Enable the 00-default site
    • sudo a2ensite default-ssl
  • Reload Apache Service to apply the changes
    • sudo systemctl reload apache2
  • Test that you can access the default Apache page using HTTP and HTTPS
  • Configure Apache to automatically redirect to HTTPS
    • sudo nano /etc/apache2/sites-enabled/000-default.conf
    • Add the line "Redirect permanent / https://itflow.yourdomain.com/" (or similar) under the VirtualHost for port 80
  • Login to the database
    • sudo mysql -u root
  • Create a new database for ITFlow
    • MariaDB>CREATE DATABASE itflow;
    • MariaDB>FLUSH PRIVILEGES;
  • Add a user for ITFlow to use
    • MariaDB> CREATE USER 'itflow'@'localhost' IDENTIFIED BY 'supersecurepassword';
  • Assign the user permissions on the database
    • MariaDB> GRANT ALL PRIVILEGES on itflow.* to 'itflow'@'localhost';
    • exit
  • Clone the ITFlow repo to your web server
    • cd /var/www/html
    • git clone https://github.com/johnnyq/itflow.git .
  • Set the web folder to be owned by Apache
    • sudo chown -R www-data:www-data /var/www/html
  • Set web folder permissions (all, for now, we'll change this after setup)
    • sudo chmod -R 777 /var/www/html
  • Run through the initial setup by navigating to your web server using HTTPS
    • Provide the database name, username, and password you set up earlier

  • Once complete, tidy up the webserver permissions
    • sudo find /var/www/html -type d -exec chmod 775 {} \;
    • sudo find /var/www/html -type f -exec chmod 664 {} \;
    • sudo chmod 640 /var/www/html/config.php

    As a general best practice, if your ITFlow instance is to be public-facing please consider adding additional protection with a Web Application Firewall (WAF).