✅ What you need before starting
OperonITSM runs on any standard web server. Windows Server with IIS is fully supported — see the IIS notes below.
1Create a MySQL database
Create a new MySQL or MariaDB database on your database server. Note the hostname, database name, username and password — you'll need these in step 3.
localhost. You can use phpMyAdmin, MySQL Workbench, or the mysql command line to create the database.2Upload the OperonITSM files
Extract the OperonITSM package and upload all files to your web server's document root. Common locations:
- Linux (Apache/Nginx):
/var/www/html/or/var/www/your-site/public/ - Windows IIS:
C:\inetpub\wwwroot\or a sub-folder within it - XAMPP / local dev:
C:\xampp\htdocs\
/itsm/) if you prefer — just visit that path for the installer and the app.install.php and OperonITSM_setup.sql are in the same folder as the other files.3Run the setup wizard
Visit https://yourdomain.com/install.php in your browser. The wizard will:
- Check your server meets all requirements
- Let you enter and test your database credentials
- Create all database tables automatically
- Set up your admin account
- Write
config.phpfor you - Delete itself on completion (for security)
localhost as the database host rather than the external hostname shown in your hosting panel.4Log in and configure
After the wizard completes, visit https://your-server/index.html and log in with the admin credentials you created. Your licence.json file (provided after purchase) goes in the same folder as index.html.
Recommended first steps:
- Global Admin → Email Config — add your SMTP server details for email notifications and alerts
- Global Admin → Local Users — create accounts for your team, or configure AD/LDAP in Global Admin → AD Config
- Global Admin → Help Desk → Categories — set up your ticket categories and SLA policies
- Global Admin → Systems — add locations and asset types for your CMDB
- Global Admin → Modules — enable or disable modules (Help Desk, Change, Projects, PIR etc.) to match your team's needs
🪟 Windows Server - IIS Configuration
IIS is fully supported but requires a few extra steps. PHP must be installed separately, URL rewriting needs the IIS URL Rewrite module, and .htaccess files don't apply - use web.config instead.
AInstall PHP for IIS
Download PHP 8.0+ (Non-Thread Safe x64) from windows.php.net. Extract to C:\PHP. In IIS Manager → Handler Mappings → Add Module Mapping:
- Request path:
*.php - Module:
FastCgiModule - Executable:
C:\PHP\php-cgi.exe
Enable required extensions in C:\PHP\php.ini:
extension=pdo_mysql
extension=mbstring
extension=openssl
extension=imap ; optional - email intake onlyBInstall the URL Rewrite module
Download and install the IIS URL Rewrite module from iis.net (or via Web Platform Installer). Required for OperonITSM routing to work correctly.
CCreate a web.config file
Create web.config in your web root. This replaces the .htaccess used on Apache:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite><rules>
<rule name="Block sensitive files" stopProcessing="true">
<match url="^(config\.php|licence\.php|\.sql|\.log)$" />
<action type="CustomResponse" statusCode="403" />
</rule>
</rules></rewrite>
<defaultDocument>
<files><add value="index.html" /></files>
</defaultDocument>
</system.webServer>
</configuration>auth.php or api.php — the application frontend calls these directly. Only config.php, licence.php, SQL files and logs should be blocked from direct access.DSet App Pool permissions
The IIS App Pool identity needs write access to the uploads\hd\ folder. Right-click → Properties → Security → Add IIS AppPool\DefaultAppPool → grant Modify permission.
🔒 Enabling HTTPS Strongly Recommended
Without HTTPS, login credentials and session data travel unencrypted across your network. Even on an internal network, HTTPS is best practice for any authentication system.
- Internal/corporate network: Use a certificate from your organisation's internal CA, or a trusted certificate from your IT team
- Internet-facing Linux server:
sudo certbot --apache -d your-server.yourdomain.com(free via Let's Encrypt) - Windows IIS: Import your organisation's SSL certificate via IIS Manager → Server Certificates, or use win-acme for Let's Encrypt
- Self-signed (development only): Acceptable for local testing but not for production — browsers will show a warning
⏱ Scheduled tasks (cron jobs)
Two background scripts keep OperonITSM running smoothly. Set these up using your server's task scheduler.
SLA monitoring and update checker Recommended
Checks SLA breach status, fires escalation rules, and checks for available software updates once daily.
# Linux (crontab -e):
*/5 * * * * php /path/to/webroot/sla_check.php
# Windows Task Scheduler: run every 5 minutes
php C:\inetpub\wwwroot\sla_check.phpEmail-to-ticket intake Optional
Only needed if you want emails sent to a mailbox to automatically create tickets.
# Linux:
* * * * * php /path/to/webroot/email_fetch.php
# Windows Task Scheduler: run every minute
php C:\inetpub\wwwroot\email_fetch.phpcrontab -e as the web server user (e.g. www-data). Replace /path/to/webroot/ with the full path to your OperonITSM installation.Stuck? Just email us.
We'll walk you through it. That's what support is for.
Get Installation Support