Direct Setup
Set up by extract and database import.
Secure Guide
Includes final cleanup steps.
Hosting Ready
Works with cPanel, Plesk, and Hostinger.
1. Server Requirements
Before uploading WAF, make sure your hosting account is ready. The setup is based on uploading the files, extracting the package, importing the database, and configuring the environment file.
- PHP 8.2 or later
- MySQL or MariaDB database
- Apache or LiteSpeed with
.htaccesssupport - Writable
storageandbootstrap/cachefolders - Ability to create a cron job
Required PHP extensions
- allow_url_fopen
- cURL
- Fileinfo
- Imagick
- Intl
- Mbstring
- OpenSSL
- PDO MySQL
- Tokenizer
- XML
- Zip
- Ioncube Loader, if your package is encoded
Recommended PHP Version
Use PHP 8.2 or newer for the best compatibility. Enable required extensions before importing the database and opening the website.
2. Create a Database
Create a new empty database and database user from your hosting panel. Save the database name, username, password, and host because these values must be added to the environment file.
cPanel
- Open MySQL Databases.
- Create a new database.
- Create a database user with a strong password.
- Add the user to the database.
- Grant All Privileges.
Hostinger hPanel
- Open Databases > MySQL Databases.
- Create a database and database user.
- Copy the database host, name, username, and password.
Plesk
- Open Databases.
- Click Add Database.
- Create the database and assign a database user.
- Make sure the user has full access to the database.
3. Upload and Extract Files
- Download the WAF package from your account or Telegram purchase link.
- Open your hosting file manager or connect by FTP.
- Upload the ZIP package to your website root directory, usually
public_html. - Extract the ZIP package.
- Make sure the extracted files are directly inside the website root, not inside an extra nested folder.
- Confirm that
.htaccess,app,bootstrap,config,public,resources,routes, andstorageare present.
public_html/
├── .htaccess
├── app/
├── bootstrap/
├── config/
├── public/
├── resources/
├── routes/
└── storage/
Avoid Nested Extraction
If the files are extracted into a folder like waf-package/public_html, move the contents into your real website root so the domain can load the application correctly.
4. Import the Database
After creating the database, import the SQL file included in your package. This creates the required tables and default data.
Using phpMyAdmin
- Open phpMyAdmin from your hosting panel.
- Select the database you created for WAF.
- Open the Import tab.
- Choose the SQL file from the WAF package.
- Click Import and wait until it finishes.
Using command line
mysql -u database_user -p database_name < database.sql
If your package contains a different SQL filename, use that filename instead of database.sql.
5. Configure the Environment File
Open the .env file and update the main application, database, license, mail, cache, queue, and payment settings required by your website.
Basic application settings
APP_NAME="What A Faucet"
APP_ENV=production
APP_DEBUG=false
APP_URL=https://yourdomain.com
Database connection
DB_CONNECTION=mysql
DB_HOST=localhost
DB_PORT=3306
DB_DATABASE=your_database_name
DB_USERNAME=your_database_user
DB_PASSWORD=your_database_password
License key
LICENSE_KEY=your_license_key
Default credentials
USERNAME: [email protected]
PASSWORD: 12345678
6. Set Permissions and Cron Job
The application must be able to write cache, logs, sessions, and uploaded files.
Recommended permissions
chmod -R 775 storage bootstrap/cache
On shared hosting, you can usually set folder permission to 775 from File Manager. If 775 is not allowed by your host, use the permission recommended by your hosting provider.
Cron job
Add this cron job so scheduled tasks can run automatically:
* * * * * /usr/local/bin/php /home/username/public_html/artisan schedule:run >> /dev/null 2>&1
Replace /usr/local/bin/php and /home/username/public_html with the correct PHP path and project path from your hosting account.
7. Final Setup
- Open your domain in the browser.
- Log in using the admin details included with your package or the credentials provided by the database file.
- Immediately update the admin email and password.
- Open the admin dashboard and review website settings.
- Configure currency, payment methods, withdraw methods, offerwalls, ads, postback settings, and email settings.
- Test registration, login, faucet claim, shortlink, offerwall postback, deposit, and withdraw flow before going live.
Useful checks after setup
- The homepage loads without server error.
- User registration and email sending work.
- Admin dashboard can save settings.
- Scheduled tasks run from cron.
- Payment callback URLs are copied correctly to payment providers.
- Offerwall postback URLs are copied correctly to offerwall networks.
8. Configure Google OAuth
Google login is optional. Configure it only if you want users to sign in with Google.
- Open Google Cloud Console.
- Create a new project or select an existing project.
- Open APIs & Services > Credentials.
- Click Create Credentials and choose OAuth Client ID.
- Select Web Application.
- Add the authorized redirect URI:
https://yourdomain.com/oauth/google/callback
- Copy the
Client IDandClient Secret. - Add them to your
.envfile.
GOOGLE_CLIENT_ID=your-client-id
GOOGLE_CLIENT_SECRET=your-client-secret
9. Currencies
Admin path: Admin > Withdraw Settings > Currencies (or wherever the Currency manager is linked from your admin nav).
Currencies are the crypto assets your platform can pay users in (e.g. BTC, ETH, USDT). Every currency is validated and priced against CoinGecko.
Adding a currency
| Field | Required | Notes |
|---|---|---|
| Name | Yes | Must match the exact CoinGecko coin ID (e.g. bitcoin, tether, binancecoin) — not the ticker. If it doesn't match a CoinGecko ID, the request fails with "Currency not supported by CoinGecko." |
| Code | Yes | The ticker symbol (e.g. BTC, USDT). Stored uppercase. |
When you submit, WAF:
- Checks the currency doesn't already exist (by code or name).
- Calls CoinGecko's
/simple/priceendpoint to pull live conversion rates against ~48 supported fiat currencies (USD, EUR, IDR, GBP, INR, etc.). - Stores the currency with all fiat conversion rates attached.
If CoinGecko is Unreachable
You'll get a 502 error ("Currency price lookup is unavailable right now."). Just retry later.
Deleting a currency
A currency cannot be deleted while any withdraw option still references it (currency_id). Remove or reassign the withdraw option first.
10. Fiat Rates
Used when a withdraw option pays out in fiat rather than crypto (see Payout Asset Mode in the Withdraw Options section below). Fiat rates are managed separately (FiatRate records) and must already exist for a fiat currency before you can select it on a withdraw option.
11. Deposit Settings
Admin path: Admin > Settings > Deposit
This page controls which deposit methods are available to users on the /deposit page.
| Method | Toggle | Required fields |
|---|---|---|
| Direct/manual crypto address deposit | direct_deposit |
CCPayment App ID, CCPayment App Secret, minimum deposit |
| FaucetPay | faucetpay_deposit |
FaucetPay username, minimum deposit |
| ZexPay | zexpay_deposit |
ZexPay Merchant API key, ZexPay merchant username, minimum deposit |
| Manual payment methods | — | Configured separately under Manual Payment Methods |
Notes:
- Minimum Deposit is a local validation only — it stops a request from even reaching the provider's API below that USD amount.
- Each provider's webhook URL is shown on this page for reference (e.g.
/webhook/faucetpay,/webhook/zexpay) — you generally don't need to touch these unless the provider's dashboard asks you to whitelist or register a callback URL.
Adding a Currency to Direct Deposit (via CCPayment)
The Direct/manual crypto address deposit (direct_deposit) method is powered by the CCPayment API, using the CCPayment App ID and CCPayment App Secret you set on this page. If a currency you want to accept isn't showing up as a deposit option yet, it usually needs to be enabled on the CCPayment side first:
- Log in to your CCPayment merchant dashboard.
- Go to Merchant Settings > Settings.
- Find the "Tokens For Your Business" section and enable the token/currency you want to accept.
- Back in WAF, make sure the matching currency is also added under Currencies, then re-check the
/depositpage — it should now list the newly enabled currency for direct deposit.
12. Withdraw Options
Admin path: Admin > Withdraw Settings > Withdraw Options
This is where you define every way a user can withdraw their balance. You can have multiple options active at once (e.g. FaucetPay + Binance + ZexPay + a manual bank transfer option).
Step 1 — Basic info
| Field | Required | Notes |
|---|---|---|
| Name | Yes | Label shown to users, e.g. "FaucetPay (BTC)". |
| Wallet / Provider | Yes | One of: faucetpay, binance, cwallet, zexpay, manual. |
| Payout Mode | Yes | api (automatic, instant payout via provider API) or manual (admin approves and pays out by hand). |
cwallet payouts always route through CCPayment's API under the hood — you'll still just select "CWallet" as the wallet type.
Step 2 — Payout asset
The Payout Asset Mode depends on Payout Mode:
apimode is always crypto — you must select a Currency from the list you configured in step 1.manualmode can be:- Crypto — pick a Currency.
- Fiat — pick a fiat currency that already has a Fiat Rate configured.
- Custom — define your own currency code + a fixed conversion rate manually (useful for points systems, gift cards, etc.).
Step 3 — Provider-specific credentials
| Wallet | API key | API secret | Extra fields |
|---|---|---|---|
| FaucetPay | Required (only for api mode) |
— | — |
| ZexPay | Required (only for api mode) |
— | — |
| Binance | Required | Required | Payout type (crypto_address, pay_id, pay_email), and network (e.g. BSC) if paying to a crypto address |
| CWallet | — | — | Uses your global CCPayment credentials, not a per-option key |
| Manual | — | — | — |
Where to Get API Keys
- FaucetPay: faucetpay.io (Merchant settings)
- ZexPay: zexpay.io (Faucet Owner API key, from your ZexPay dashboard)
- Binance: binance.com/en/binance-api (API Management)
- CWallet: via ccpayment.com (CCPayment app credentials)
Each provider's API key is stored per withdraw option row, not globally — so if you add two FaucetPay-based options for different currencies, each keeps its own key.
Step 4 — Branding
- Logo — optional custom image upload (jpg/png/webp/gif, max 4MB).
- Show provider logo — if enabled and no custom logo is uploaded, WAF shows the built-in provider icon (FaucetPay/CWallet/ZexPay/Binance) automatically.
Step 5 — Manual-mode extras
Only relevant when Payout Mode is manual:
- Require account profile — forces the user to fill out a structured form (defined by an Account Profile Preset — see the next section) instead of a free-text address field. Useful for bank transfers, e-wallets, etc.
- Instructions — free text shown to the user on the withdraw page (up to 5000 characters) — e.g. payout schedule, processing time.
Step 6 — Limits & fees
| Field | Required | Notes |
|---|---|---|
| Instant | Yes | yes/no. Forced to no automatically for manual payout mode. |
| Minimum Withdraw | Yes | Numeric floor for this method. |
| Fee Type | Yes | percentage or fixed. |
| Fee | Yes | The fee value matching the chosen fee type. |
Once saved, the option immediately appears as a choice on the user-facing /withdraw page.
Deleting a withdraw option
No special restriction — but double check no pending withdrawals rely on it before removing.
13. Account Profile Presets (optional)
Admin path: Admin > Withdraw Settings > Account Profile Presets
Used only for manual withdraw options that require structured user input beyond a plain address (e.g. "Bank Name", "Account Number", "Account Holder Name").
- Create a preset with a name and a set of fields.
- Mark it Active before it can be attached to a withdraw option.
- A preset cannot be deactivated or deleted while any withdraw option still references it — update or remove that withdraw option first.
Quick Reference — Full Setup Order for a New API Provider (Example: ZexPay)
- Currencies: add the crypto you'll pay out in (e.g.
tether/USDT) if not already added. - Deposit Settings: turn on
ZexPay Deposit Status, fill in the ZexPay Merchant API key, merchant username, and minimum deposit. - Withdraw Options: add new option → Wallet =
ZexPay→ Payout Mode =api→ select the Currency from step 1 → paste your ZexPay (Faucet Owner) API key → set minimum withdraw and fee → Save. - Done — ZexPay now appears as both a deposit and withdraw method on the user-facing pages.
Recommended configuration order: Currencies → Fiat Rates (if needed) → Deposit Settings → Withdraw Options → Account Profile Presets (if needed).
14. Troubleshooting & Tips
Always install updates after setup
After completing the initial installation (not a demo), go to Website Settings > System Update and install all available updates in order. Do not skip this step.
Shortlink URL format
The shortlink API URL must always end with url= and nothing should be appended after it:
https://example.com/api?api=abcd&url=
Common mistakes to avoid:
https://example.com/api?api=abcd&url— missing=https://example.com/api?api=abcd&url=example.com— nothing should followurl=https://example.com/api?url=&api=abc— wrong parameter orderhttps://example.com/api?url=— missing theapiparameterhttps://example.com/st?api=abcd&url=— wrong endpoint path
If you get a 500 error after installation
- Re-check that every step in this documentation was followed correctly.
- Make sure Ioncube Loader 15 is installed.
- Check the actual error message in
/storage/logs/laravel.log. - Confirm the database was imported and the database user has proper permissions on it.
- Double-check the database credentials in
.env. If a password likeDB_PASSWORD=correctpassstill fails even though it's correct, wrap it in quotes, e.g.DB_PASSWORD='correctpass'.
A feature is active but not showing up for users
If a feature has been activated in the admin panel but still doesn't appear in the user-facing navigation, check System Tools > Menu Manager and make sure the corresponding menu item is added/enabled there.
Installation Complete
Your WAF website is ready after the files are extracted, the database is imported, the environment file is configured, permissions are set, and cron is active.