FAQ - Frequently Asked Questions

Common questions and answers about CyberLicense, the software license management system.

🚀 Installation and Setup

What are the system requirements?

• Node.js: Version 18 or higher
• MongoDB: Version 4.4 or higher (local installation or MongoDB Atlas cloud)
• RAM: Minimum 512MB (recommended 1GB+ for production)
• Operating System: Windows, Linux, or macOS
• Disk Space: At least 100MB for the application and dependencies

How do I install CyberLicense?

1. Ensure you have Node.js 18+ and MongoDB installed
2. Clone or download the project files
3. Run npm install to install dependencies
4. Configure config.yml with your MongoDB connection string
5. Run npm run dev for development or npm start for production
6. Access the admin dashboard at http://localhost:3000/admin

How do I configure MongoDB?

You can use either a local MongoDB instance or MongoDB Atlas (cloud).

Local MongoDB:

mongodb:
  uri: "mongodb://127.0.0.1:27017/cyberlicense"
  dbName: "cyberlicense"

MongoDB Atlas (Cloud):

mongodb:
  uri: "mongodb+srv://username:password@cluster.mongodb.net/cyberlicense?retryWrites=true&w=majority"
  dbName: "cyberlicense"

Note: For production, use environment variables to store sensitive credentials:

MONGODB_URI=mongodb+srv://...

What port does CyberLicense use?

By default, CyberLicense runs on port 3000. You can change this in config.yml:

server:
  port: 3000 # Change to your desired port

Or use the PORT environment variable:

PORT=8080 npm start

🔐 Security and Authentication

How does admin authentication work?

CyberLicense uses Discord OAuth 2.0 for admin authentication:

1. Admins log in via Discord OAuth
2. The system verifies if the Discord user is configured as an admin in the database
3. If authorized, a session is created and the admin can access the dashboard
4. Sessions are stored in MongoDB and expire after 24 hours (configurable)

To add an admin:

• The Discord user ID must be added to the Admin collection in MongoDB
• Alternatively, the first user to log in via Discord may be automatically granted admin access (depending on configuration)

How do I enable two-factor authentication (2FA)?

1. Log in to the admin dashboard
2. Navigate to Settings → Security → 2FA
3. Click Enable 2FA
4. Scan the QR code with Google Authenticator, Authy, or any TOTP app
5. Enter the verification token to confirm and enable 2FA
6. Important: Save the backup codes in a secure location!

How can I protect my APIs?

Multiple security features are available:

• Rate Limiting: Configure in config.yml to limit requests per IP
• JWT Tokens: Use JWT tokens for public API authentication
• CORS: Configure CORS to limit allowed origins
• Panic Mode: Emergency feature to disable all public APIs instantly
• IP Whitelisting: Restrict API access to specific IPs (requires custom configuration)

Example rate limiting configuration:

api:
  rateLimit:
    enabled: true
    windowMs: 900000 # 15 minutes
    max: 200 # 200 requests per window

What is Panic Mode?

Panic Mode is an emergency security feature that:

• Disables all public APIs (returns 503 Service Unavailable)
• Blocks license validation requests
• Keeps only the admin dashboard accessible
• Can be enabled instantly in config.yml or via environment variable

Enable Panic Mode:

security:
  panicMode: true

Or set the environment variable:

PANIC_MODE=true npm start

📋 License Management

What types of licenses can I create?

CyberLicense supports 4 types of licenses:

1. Fixed - License with fixed duration (e.g., 30 days, 1 year, lifetime)
2. Trial - Temporary trial license with optional automatic conversion to full license
3. Consumption - Credit/usage-based license (credits decrease with each use)
4. Enterprise - Team license with multiple users and role management

How do IP and HWID limits work?

• IP Limit: Maximum number of different IP addresses that can use the license
• HWID Limit: Maximum number of different hardware IDs that can use the license

When a limit is exceeded:

• License validation fails automatically
• A violation is recorded
• The admin is notified (if notifications are enabled)
• Automated actions can be triggered (e.g., suspend or revoke license)

Example: If ipLimit: 1 and hwidLimit: 1, the license can only be used from one IP address and one hardware ID.

How do I manage expired licenses?

Expired licenses can be:

• Renewed manually from the admin dashboard (extend expiration date)
• Renewed automatically via payment webhooks (Stripe, BuiltByBit)
• Converted from trial to fixed license if auto-conversion is enabled
• Suspended automatically using automated actions

How do I temporarily suspend a license?

1. Go to the admin dashboard
2. Navigate to Licenses → Select the license
3. Click Edit or Suspend
4. Set suspended: true and optionally add a reason
5. The license will remain in the database but cannot be validated until reactivated

What are Master/Child licenses?

Master/Child licenses allow you to create a parent license with multiple child licenses:

• Master License: Parent license that controls child licenses
• Child Licenses: Sub-licenses linked to the master license
• Useful for resellers or team licenses where you want to distribute licenses to multiple users

🔔 Notifications

How do I configure email notifications?

Configure SMTP settings in config.yml:

notifications:
  email:
    enabled: true
    host: "smtp.gmail.com"
    port: 587
    secure: false # true for 465, false for other ports
    user: "your-email@gmail.com"
    password: "your-app-password" # Use App Password for Gmail
    from: "noreply@yourdomain.com"

For Gmail:

1. Enable 2-Step Verification
2. Generate an "App Password" in your Google Account settings
3. Use the App Password instead of your regular password

What events trigger notifications?

You can receive notifications for:

• License expiration warnings
• License violations (IP/HWID limit exceeded)
• Detected anomalies (suspicious activity)
• Security events (failed login attempts)
• Completed transactions
• Automated action executions
• Custom events (via API)

How do I enable SMS or Telegram notifications?

SMS (Twilio/Vonage):

notifications:
  sms:
    enabled: true
    provider: "twilio" # or "vonage"
    apiKey: "your-api-key"
    apiSecret: "your-api-secret"

Telegram:

notifications:
  telegram:
    enabled: true
    botToken: "your-bot-token" # Get from @BotFather
    chatId: "your-chat-id" # Your Telegram chat ID

📊 Reports and Analytics

How do I export license data?

Via Admin Dashboard:

1. Go to Export → Licenses
2. Select format (CSV or PDF)
3. Apply filters if needed
4. Click Export

Via API:

• CSV: GET /api/export/licenses/csv
• PDF: GET /api/export/licenses/pdf

See the API Reference for details.

What statistics are available?

• Total number of licenses (active, inactive, expired, suspended)
• Licenses by type (fixed, trial, consumption, enterprise)
• Usage statistics (IP addresses, HWIDs per license)
• Revenue tracking (if Stripe/BuiltByBit is configured)
• Validation request statistics
• Geographic statistics (if geolocation is enabled)

🔄 Integrations

How do I integrate Discord?

1. Create a Discord application at https://discord.com/developers/applications
2. Go to OAuth2 and get Client ID and Client Secret
3. Set redirect URI: http://localhost:3000/auth/discord/callback
4. Configure in config.yml:

integrations:
  discord:
    clientId: "YOUR_CLIENT_ID"
    clientSecret: "YOUR_CLIENT_SECRET"
    enabled: true

5. Add your Discord user ID to the Admin collection in MongoDB

How do I integrate BuiltByBit?

1. Get your webhook secret from BuiltByBit
2. Configure in config.yml:

integrations:
  builtByBit:
    webhookSecret: "your-webhook-secret"
    enabled: true

3. Set up webhook endpoints on BuiltByBit to point to:
   • https://yourdomain.com/api/builtbybit

How do I integrate Stripe for payments?

1. Get your Stripe API keys from https://dashboard.stripe.com/apikeys
2. Configure in config.yml:

revenue:
  stripe:
    apiKey: "sk_live_..." # or sk_test_... for testing
    webhookSecret: "whsec_..." # Get from Stripe webhook settings
    enabled: true

Note: Stripe integration is not currently implemented in the API. Revenue tracking can be done through the admin dashboard and export features.

🛠️ Troubleshooting

The server doesn't start. What do I do?

1. Check MongoDB connection:

   • Verify MongoDB is running: mongosh or mongo
   • Check the connection string in config.yml
   • Test connection: mongosh "your-connection-string"

2. Check port availability:

   • Verify port 3000 (or your configured port) is not in use
   • Change port in config.yml if needed

3. Check logs:

   • Look for specific error messages in the console
   • Enable debug logging:

logging:
  level: "debug"
  format: "text"

4. Check Node.js version:
   • Ensure Node.js 18+ is installed: node --version
   • Update if necessary

Licenses are not being validated. Why?

Common causes:

• License not active: Check if active: true in the database
• License suspended: Check if suspended: true
• License expired: Check expiresAt date
• IP/HWID limit exceeded: Check usedIps and usedHwids arrays
• Invalid license key: Verify the key matches exactly (case-sensitive)
• Panic mode enabled: Check security.panicMode in config

Check API logs for specific error messages.

Email notifications are not working. How do I fix it?

1. Verify SMTP credentials in config.yml
2. For Gmail:
   • Use an "App Password" instead of your regular password
   • Enable "Less secure app access" (if still available) or use OAuth2
3. Check firewall: Ensure SMTP ports (587, 465) are not blocked
4. Test connection: Use a tool like nodemailer to test SMTP settings
5. Check logs: Look for specific error messages in the logs

How do I enable debug mode?

Modify config.yml:

logging:
  level: "debug" # instead of "info"
  format: "text" # instead of "json" (easier to read)

Or set environment variable:

LOG_LEVEL=debug npm start

🔐 Advanced Security

How do I enable audit logging?

Audit logging is enabled by default. It automatically records:

• All admin actions (create, update, delete)
• License creation/modification/deletion
• Login/logout events
• Data export/import
• Security events (failed logins, violations)

View audit logs:

• Admin Dashboard: Audit Logs section
• API: GET /api/audit

How do I configure rate limiting?

Configure in config.yml:

api:
  rateLimit:
    enabled: true
    windowMs: 900000 # Time window in milliseconds (15 minutes)
    max: 200 # Maximum requests per window

Customize per route:

• Rate limiting is applied globally to /api routes
• You can create custom rate limiters for specific routes if needed

How do I secure my API keys and secrets?

Best practices:

1. Use environment variables for sensitive data:

   export MONGODB_URI="mongodb+srv://..."
   export DISCORD_CLIENT_SECRET="..."
   export JWT_SECRET="..."

2. Don't commit secrets to version control:

   • Add config.yml to .gitignore if it contains secrets
   • Use a .env file (and add to .gitignore)

3. Rotate secrets regularly:

   • Change JWT secrets periodically
   • Rotate API keys if compromised

📈 Performance and Scalability

How many licenses can CyberLicense handle?

CyberLicense can handle thousands of licenses simultaneously. Performance depends on:

• MongoDB performance: Use MongoDB Atlas for better performance
• Available RAM: More RAM = better performance
• Server configuration: CPU and network speed
• Database indexes: Ensure proper indexes are created

Recommended for production:

• MongoDB Atlas (cloud) with appropriate tier
• At least 2GB RAM
• Proper database indexing
• Load balancer for high traffic

How do I improve performance?

1. Use MongoDB Atlas (cloud) for better database performance
2. Enable database indexes for frequent queries
3. Increase rate limiting if needed (but be careful of abuse)
4. Use a load balancer to distribute load across multiple instances
5. Enable caching for frequently accessed data (requires custom implementation)
6. Optimize queries - Use projection to limit returned fields

How do I scale CyberLicense?

• Horizontal scaling: Run multiple instances behind a load balancer
• Database scaling: Use MongoDB replica sets or sharding
• Caching: Implement Redis for session storage and caching
• CDN: Use a CDN for static assets
• Monitoring: Set up monitoring and alerting (e.g., PM2, New Relic)

💰 Revenue Tracking

How do I track payments?

1. Configure Stripe or another payment gateway in config.yml
2. Enable revenue tracking:

features:
  revenueTracking: true

revenue:
  stripe:
    enabled: true
    apiKey: "sk_live_..."
    webhookSecret: "whsec_..."

3. Set up webhooks to automatically create transactions
4. View statistics in the admin dashboard under Revenue

How do I generate financial reports?

Via Admin Dashboard:

1. Go to Export → Transactions
2. Select format (CSV or PDF)
3. Apply filters (date range, customer, status)
4. Click Export

Via API:

• CSV: GET /api/export/transactions/csv
• PDF Summary: GET /api/export/summary/pdf

🤖 Automation

How do I create automated actions?

1. Go to Automated Actions in the admin dashboard
2. Click Create New Action
3. Configure:
   • Name: Descriptive name for the action
   • Description: What the action does
   • Trigger: Event that activates the action (e.g., license_expired)
   • Conditions: Optional criteria for activation
   • Actions: What to do when triggered (e.g., revoke license, send email)
4. Enable the action
5. Save

What events can I use for triggers?

Available trigger events:

• license_created - When a license is created
• license_expired - When a license expires
• license_revoked - When a license is revoked
• violation_threshold - When violation count reaches threshold
• anomaly_detected - When suspicious activity is detected
• transaction_completed - When a payment transaction completes
• custom - Custom events via API

What actions can be automated?

• Revoke License - Automatically revoke a license
• Suspend License - Temporarily suspend a license
• Send Notification - Send in-app notification
• Send Email - Send email notification
• Send SMS - Send SMS (if configured)
• Send Telegram - Send Telegram message (if configured)
• Create License - Automatically create a new license
• Update License - Modify license properties
• Webhook - Call external webhook
• Custom - Custom actions via API

📞 Support

Have more questions?

• Check the API Reference for detailed API documentation
• Review the codebase for implementation details
• Check the logs for error messages
• Contact support through your preferred channel

---

Last Updated: 2025