Step 1 – Installing osT+ On The Server

The installation process is very straight forward and takes just a few minutes. Here is what needs to be done:

  • Ensure minimal server requirements are met (click here for details)
  • Download the latest version of osT+
  • Unpack the downloaded archive and upload content of the “ost-plus” folder to your web server. osT+ can be installed:
    • in the root directory of a domain, e.g. “”
    • on a subdomain, e.g. “”
    • in a sub-folder, e.g. “”  or “”
  • In your favourite web browser, visit your osT+ installation URL, e.g. “”. You will be redirected the system installation script, i.e. “”
  • Review detailed system requirements and ensure you understand implications before proceeding if any module listed is not enabled on your system
  • Complete the installation process by providing required information and database connection details
  • Upon successful completion, you should see a page similar to the one shown below
  • In case of any questions, you can refer to osTicket wiki pages where you will find a detailed installation guide and answers to the most common questions

Note: front-end (what our customers see) of your freshly installed osT+ system may not display properly before Step 2 below has been completed


osT+ - server installation completed

Confirmation of a successful completion of the osT+ installation process

Step 2 – Additional Configuration Options

This step is quite simple and requires setting up some options related to how osT+ is shown to your customers. To set it up, log in as administrator to the administration area, e.g. “” and the navigate to:

Admin Panel > Settings > Misc

Then review and set up the following options:

Stylesheet location:

Recommended/default value: Provided with osT+

Description: This parameters defines the location of bootstrap framework stylesheets which are used in osT+. There is a choice of two value available:

Provided with osT+ - internal, shipped with osT+

Custom URL - external files located on a local server (e.g. “/css/”) or external files stored elsewhere (e.g. “”). Note, trailing slash must be included when applicable


Stylesheet URL:

Recommended/default value: (ost-plus)

Description: Location of osT+ stylesheets. Field is only available when “Stylesheet location” is set to Custom URL


Bootstrap CSS file

Recommended/default value: bootstrap.min.3.0.2-esperim-mod.css

Description: Bootstrap stylesheet file name. Note, the full path used in osT+ is a concatenation of the “Stylesheet location” (above) and “Bootstrap CSS file” values.

Valid values: valid file name


Bootstrap theme CSS file

Recommended/default value:  bootstrap-theme.min.3.0.2-esperim-mod.css

Description: Similar to Bootstrap CSS file but for bootstrap theme stylesheet.

Valid values: valid file name


Complete path

This field is for review purposes only to ensure valid paths to CSS stylesheets have been configured.


Report login errors

Recommended/default value: No

Description:  Normally, osTicket notifies administrators via e-mail in case of frequent login attempts and/or login failures from the same user. Additionally, users are locked out when excessive login attempts are detected (relevant option: Settings > Access > User Excessive Logins). osT+ authenticates user on each request, which may lead to false alarms and unnecessary account lock-outs. It’s recommended to set this option to No to turn this feature off.


Form context expiry time

Recommended/default value: none

Description: Expiry time for client-side cookie which stores current form context (see below for more information). If form context cannot be obtained from the URL ($_GET["fid"] parameter), the system attempts to recover current context from client-side COOKIE which expires after a given inactivity period. Two hours is a recommended value for majority of scenarios.

osT+ “forms” are interfaces for customers to interact with the system, e.g. raise tickets, track progress of their enquiries, access knowledgebase etc.. “Form” is a collection of public osT+ pages (excluding administration area) with certain parameters unique to a given page or website area, e.g. available help topics.

If there are multiple input forms configured, the correct one is displayed to the user by searching for the current form ID in either $_GET["fid"] or client-side COOKIE. If current form context cannot be determined, the default one is shown to the user.

In case when the form context cannot be obtained from either source, the “default” form is shown – see section “User input forms” below for details.


API encryption key

Recommended/default value: Long string of random characters – recommended 64 characters

Description: This is encryption key used for securing communication between client and osT+ API (see osT+ Integration With External Systems for details). It’s imperative the default value is changed upon initial configuration.

Valid values: string of characters


API encryption mode

Recommended/default value: Use encryption

Description: This parameter defines encryption method used when communication between osT+ and other system:

Use encryption - uses mcrypt library which must be enabled on the server osT+ is installed on

Use obfuscation (base64) - if mcrypt is not available, use obfuscation (base64 etc.)

For “encryption”, mcrypt library must be enabled on the server. See Admin Panel > Dashboard > Information: PHP extensions section to see if mcrypt has been detected on your system. If not, that option cannot be selected from the list. “Encryption” should be used whenever possible, “obfuscation” only when mcrypt library is not available.

Step 3 – Settings for the Default input form

In this step, settings for the default input form are set up. It can be found in Admin Panel > Manage > Input Forms. Please refer to the Setting Up Input Forms page for detailed explanation of each option. Alternatively, you can quickly review each parameter by hovering over the “(?)” next to each option in the administration panel.

Step 4 - Changing Config File Permissions

For security reasons, it’s advised to change permission of “include/ost-config.php” and “include/ost-plus-config.php” files to remove write access to them. It can be achieved in a few ways and the most common are listed on the confirmation page shown above.

Step 5 - Removing Setup Directory

The last step is to completely delete the “/setup/” directory from the server since it’s no longer required.

Once the above steps have been completed, your new osT+ Customer Support & Ticket system has been installed successfully.

The next step is to fine-tune your Support System. It requires a bit of planning, implementing some changes within the administration area and setting up input forms – you can read more here for some ideas and how to do it.