» Help desk settings
Help desk title
Title of your support desk, for example "My company Help Desk"
Hesk URL
URL of the folder where your Hesk will be installed. Do NOT add a trailing / to the URL!
CORRECT: http://www.example.com/helpdesk
WRONG: http://www.example.com/helpdesk/ (don't end the URL with a / )
Admin folder
Name of the folder, where admin files are located.
The folder needs to exist within the main HESK folder. On most systems names are CaSe SeNSiTiVe.
Allowed chars (other will be removed): a-z A-Z 0-9 _ -
Default: admin
Attachments folder
Name of the folder, where attachments will be stored.
The folder needs to exist within the main HESK folder and be writable by PHP. On most systems names are CaSe SeNSiTiVe.
Allowed chars (other will be removed): a-z A-Z 0-9 _ -
Default: attachments
Cache folder
Name of the folder where cache and temporary files will be stored.
The folder needs to exist within the main HESK folder and be writable by PHP. On most systems names are CaSe SeNSiTiVe.
Allowed chars (other will be removed): a-z A-Z 0-9 _ -
Default: cache
Listings per page
The default number of tickets listed per page in admin panel. Use digits only.
Print font size
Font size on the "Printer friendly version" pages of support tickets
Autoclose tickets
If a ticket has no activity from the customer for X days it automatically closes. Set to 0 to disable autoclose.
Max open
A maximum number of open tickets a customer may have. When this limit is reached the customer will not be able to submit new tickets until existing ones are resolved. Affects only tickets submitted via online form.
Set to 0 to disable limiting maximum open tickets.
Show as "due soon"
Set the number of days before the due date when a ticket will show as "Due soon" in the list of tickets.
Can be set to a value between 1 and 999 days. Default setting: 7 days.
Reply order
Choose whether you want most recent replies to appear at top or at bottom of the ticket page.
Reply form
Choose whether you want the Add a reply form to appear at top or at bottom of the ticket page.
Hide ticket replies
When viewing a ticket with many replies, Hesk can hide old replies and only show the newest ones.
This allows staff members to view the latest replies to a ticket without having to scroll past numerous old ones.
Staff can view the hidden replies at any time by clicking the "Show previous replies" link.
Limit ticket width
The desired maximum width of the text portion of a ticket (message and replies).
Select either full width (text will stretch to the entire available screen width) or maximum content width in pixels.
Line length is an important factor for comfortable readability, especially if you expect prolonged reading.
Allow automatic login
If set to YES staff will have an option to automatically login to their account every time they open HESK administration panel from their computer. If disabled HESK will only be able to remember usernames, not passwords.
Auto-assign tickets
Tickets will automatically be assigned to a staff member when submitted.
Several factors are taken into account when assigning tickets automatically, such as ticket category and number of currently open assigned tickets.
Require email
Do you require customers to enter their email address when submitting a ticket?
OFF = do not require an email address
ON = require an email address
Require owner
If set to ON tickets will need to be assigned before staff can reply to them.
This helps prevent multiple staff working on the same ticket by mistake as it forces them to assign the ticket to themselves before starting to work on it.
Require subject
Customers can enter a ticket subject or it can be generated automatically.
OFF = do not require a ticket subject
ON = require a ticket subject
Hide in customer form = hide "Subject" form field from customer side*
* customers will still be able to see the automatically generated subject
Require message
Do you require customers to write a message when submitting a new support ticket?
OFF = do not require a message
ON = message is required
Hide in customer form = hide "Message" form field from customer side
* if a staff members edits a ticket and writes a message, customers will be able to see it
Customer resolve
Choose whether customers may mark tickets as resolved.
If disabled, ticket will only be resolvable by staff and automatically for inactivity.
Reopen tickets
Set to ON to allow customers to reopen a ticket once it has been closed. When set to OFF once closed the customer will have to open a new ticket.
Reply rating
If set to ON customers will be able to mark staff replies as Helpful or Not helpful. This customer feedback will be used to rate staff.
Customer priority
If set to ON customers will be able to set priority/urgency for their tickets ranging from Low to High. If set to OFF all tickets will be submitted with the default priority (Low) and only staff will be able to change the priority level to a higher one.
Sequential IDs
If enabled, all tickets will also show a sequential ID number. This should allow easier customer-staff communication about a ticket (saying ticket ID 45 rather than ticket ID GHS-G5E-A6T8). However, only staff will be able to view tickets by sequential numbers.
Time worked
Track time spent working on a ticket.
When enabled, the admin ticket reply form will show a time counter for tracking time spent working on the ticket.
SPAM Notice
When customer submits a new ticket, the success message will include a notice saying the customer should check inside the SPAM folder if the confirmation email does not arrive.
The notice will not be show in disabled OR if the Notify customer when: They submit a new support ticket is disabled.
The notice message may be notified in the HESK language file.
List usernames
If set to ON staff usernames be listed in a select box on the admin login page and they will only need to type their password in. Recommended setting: OFF (staff will have to type both their username and password to login)
Debug mode
Turns ON/OFF the debug mode. In normal usage debug mode should be turned OFF. Turn ON only if you are having problems and Hesk is not working properly. Don't forget to turn back OFF when Hesk is working normally again.
Short links
If turned ON, website links longer than 70 chars will be shortened for display.
For example a link like this:
http://www.some-long-example.com/sub-folder/another-folder/and-yet-another/this-is-some-long-file-name.html?this_is_a_long_query=and_this_is_a_long_value
Would be displayed as:
http://www.some-long-example.com/sub-folder/another-fol ... long_value
- - Click to Select - -
If checked, "- - Click to Select --" will be the default selection for ticket category and/or priority when submitting a new ticket.
Category select limit
Used when submitting new tickets.
If the number of help desk categories (departments) is lower or equal to this setting, ticket category will be selected by clicking on a link.
If the number of categories is higher than this limit, a drop-down select box will be used instead to select a ticket category.
Ticket Formatting
Sets the type of editor when creating / editing tickets.
Plaintext = Plain text (default)
Rich Text (HTML) = Allows rich text (bold, lists, etc) via a WYSIWYG editor
Use anti-SPAM image
Toggles use of the anti-SPAM security image (captcha).
| Value | Meaning |
| OFF | anti-SPAM images disabled |
| ON - Customers | only customers will be required to solve the image |
| ON - All | both customer and staff will be required to solve it |
| Image type | |
| Simple image | a very basic image generated by PHP (GD library required) A simple image is not effective against advanced robots, consider using an anti-SPAM questions or ReCaptcha instead! |
| ReCaptcha | use a free service by Google (requires registration) |
ReCaptcha
ReCaptcha is a free anti-bot service by Google.
To use ReCaptcha you will need to:
Use anti-SPAM question
Toggles use of the anti-SPAM security question. This is a very simple yet quite effective way of combating spammers (not if they decide to target your website specifically but it should block all the spambots travelling the web). The idea is to create a unique question that only humans can answer to. You can use HTML code in the question. Answers are not CaSe SeNSiTiVe. Some examples:
| -> Question | -> Answer |
| What color is water? | Blue |
| What is the next number after four? (use only digits) | 5 |
| Type access code ABCDE here: | ABCDE |
| Access code: (find it on the bottom of our links page) | Somecode |
Warning! DO NOT use these examples, use a unique question that will only be used on your website!
Login attempts limit & Ban time (minutes)
This feature limits brute-force attacks to either login to HESK or view tickets.
After Login attempts limit number of failed attempts to view a ticket or login to HESK the IP address will be banned for Ban time (minutes).
To disable failed login attempts limiting, set value to 0 (NOT recommended!).
Flood limit (seconds)
This feature helps prevent submitting too many ticket replies (accidental or malicious reply flooding).
Set to the minimum number of seconds that must pass between two ticket replies from the same person.
To disable this feature, set the value to 0.
Password reset
If enabled, users will be able to reset their forgotten password over email.
View tickets
If enabled (checked), customers will need to enter both their email address and ticket tracking ID to view the contents of a tickets. If disabled, only entering ticket tracking ID will suffice.
Frames
Enable to prevent HESK being loaded in frames on third party websites. This helps combat "clickjacking" attempts.
When enabled, HESK will send a X-Frame-Options: SAMEORIGIN HTTP header to the browser.
If you want to display HESK inside a frame on a website under a different domain name than the one HESK is installed under, disable this feature.
In the case above, you may also need to set Cookies setting to None and use https:// connections!
Cookies
This setting controls the SameSite attribute of HTTP cookies. For a detailed explanation, please see this article.
In short:
Strict - cookies will only be sent to requests under your domain name. Following an email link, for example, may force you to log in again.
Lax - default Hesk value. Cookies are not sent on normal cross-site subrequests (for example, to load images or frames into a third-party site) but are sent when a user is navigating to the origin site (i.e., when following a link).
None - cookies will be sent to any request, but only under a secure (https://) connection. Use this setting if you show Hesk in a frame on a third-party domain.
If you want to display HESK inside a frame on a website under a different domain name than the one HESK is installed under, set it to None and use https:// connections.
SSL
You can force HESK to use secure connections (https versus http).
To manage this setting, first manually open the admin_settings_help_desk.php file in your browser using https://, for example:
https://example.com/hesk/admin/admin_settings_help_desk.php
This is to ensure that SSL is properly configured and working on the server before setting HESK to force it.
URL Access Key
Use the URL Access Key to prevent unauzhorized web-access to your Hesk cron files, such as:
- /inc/mail/hesk_imap.php,
- /inc/mail/hesk_pop3.php,
- /cron/email_overdue_tickets.php, etc.
When an access key is set and someone wants to access any of those files via an URL address (web browser), they will need to specify the correct key by appending ?key=XXXXXXXX to the URL address. Example:
https://example.com/hesk/inc/mail/hesk_imap.php?key=XXXXXXXX
Your access key should be a random string at least 20 chars long. Valid access key chars are: a-z A-Z 0-9 _ . -
The access key is not used when cron files are accessed over command-line interface, only when served over http(s).
If you leave the URL Access Key empty, it will not be required/used.
Multi-Factor Authentication (MFA)
Use multi-factor authentication to require users to authenticate with their password along with a secondary authentication method.
- Enabling "Require Multi-Factor Authentication" will enable MFA for both new and existing users.
- Disabling "Require Multi-Factor Authentication" will not disable MFA for existing users; it will only affect new users.
Secure Area Duration
Specifies how long users are permitted to access areas which require security verification before having to enter their MFA token / password again.
This timer is reset when a user logs out.
» Attachments
Use attachments
Select YES to enable file attachments. If enabled customers and support staff will have the option to attach files to support tickets.
NOTE: If and how file attachments will work depends on your server settings, please refer to readme.html for considerations and possible limitations of file attachments on your server.
Number per post
Number of file attachments allowed per post. Optimal range is around 1 to 4. This setting is only available if "Use attachments" is set to YES.
Maxmimum file size
Maximum size of attached files. Note that the maximum upload file size is limited by your server settings, please refer to readme.html for more information on file attachment limits. This setting is only available if "Use attachments" is set to YES.
Allowed file types
Allowed file extensions for attaching files. To add more extensions use the same formatting .ext and separate them with a comma. This setting is only available if "Use attachments" is set to YES.
Customer accounts
Registering an account allows customers to manage their tickets in a single location and gives you control over who can submit support tickets.
Options explained:
Account registration
This setting gives you control over how customer accounts are created.
Options explained:
Barcode
If enabled, Hesk will display a barcode when printing tickets.
The barcode can be hidden from customers (printed only from the staff side).
Parameters:
Type - choose the type of the barcode to be printed
Format - choose the display/image format on the HTML page
Width - width of the barcode image in pixel
Height - height of the barcode image in pixel
Color - color of the barcode data
Background - barcode background color
Colors are in Web notation (color name, or hexadecimal code, or CSS syntax): black, white, red, #000000, #ffffff, #ff0000...
Show "Submitting, please wait"
If enabled, when someone submits a ticket or reply to a ticket, the submit button will be disabled and a "Submitting, please wait..." message displayed.
Used for preventing multiple clicks on the submit button.
Allow customer automatic login
If enabled, customers will have an option to automatically login to their account every time they click the "Login" link on the helpdesk homepage.
If disabled HESK will only be able to remember customer's email addresses, not passwords.
Allow customers to change their email address
If enabled, customers will be allowed to change their email addresses after registering. Otherwise, customers will need to ask staff to change their email address for them.
Time until customers can request new verification email
Indicates the amount of time, in minutes, a customer must wait before being able to request a new verification email (0 = immediately).
Staff will always be able to send a new verification email to the customer without having to wait.