Hello Fred, welcome to the FOSSBilling forum.
Everywhere I read "not yet recommended for use in active production" so does it mean I really should not consider this for my business now?
It means exactly as it says. We do not recommend you use this in a production environment yet and we recommend people wait until we release version 1.0.0. We cannot and will not suggest people use it before then.
Should I then start with BoxBilling?
In my opinion, using BoxBilling would be a significant mistake. It was initially abandoned in 2015 and went 5 years with no updates. After those 5 years, it got an update to remove the license check to reflect that it was abandoned and now considered OSS software.
In the 3.5 years since then, it got a handful of updates which mostly allowed it to function on versions of PHP that were at the time modern and getting security patches, fix a few bugs, and patch a few security vulnerabilities. It has not gotten an update in over a year and it likely will never get another one as the people who help publish those final releases have since moved onto the FOSSBilling project (myself being one of those individuals).
For clarification, FOSSBilling is built off of the BoxBilling source code, but it has had a very significant amount of work put into it and it far superior to BoxBilling even in the current state which we consider incomplete and to be beta status.
There has been over 1.5k commits to the repository (these are changes, some small, some massive) since we started the project. We've brought in proper support for modern PHP versions, fixed probably around 100 bugs, made it significantly more secure, and countless of other improvements.
If you do try to use BoxBilling, you should realize most of it hasn't been updated since 2015, that it is buggy, and that it is insecure. The FOSSBilling project itself has fixed 16 security vulnerability reports, 14 of which originate from BoxBilling code and therefore also apply to it. That also doesn't count security vulnerabilities we've resolved on our own that never got a vulnerability report nor does it take into consideration the efforts we've made to strengthen the security of the core application with additions such as some basic protection for session hijacking, properly securing cookies, and session expirations. There are also dependencies that may have had security vulnerabilities which we have updated & therefore resolved.
I would have no problem giving those $5 when I start, giving $100 is a big step and maybe you should consider $10, $15, etc...
These higher quantities you mention are donation tiers that include additional benefits. If someone doesn't want to donate that much, they can at any time donate any quantity they wish in a either single or recurring payment setup.
$5/month is very reasonable (similar to boxbilling)
I don't know where you are seeing a spot to donate / pay for BoxBilling, but you shouldn't do so in any situation. The software itself is 100% free as of years ago is you are being scammed if you pay for a license for it. If it's a donation, that was supposed to be removed from the repository many years ago as AFAIK the money went directly to Andrius Putna (@fordnox on GitHub). He does not make any effort to actively maintain BoxBilling and hasn't done so since 2015 and earlier. Unless the future of BoxBilling changes rather unexpectedly, any money given to the project will do nothing except pay for someone to get some coffee for themselves.
To re-iterate it: donations to BoxBilling have not done anything for the project for many years and Andrius himself was suppose to completely remove any donation links for it years ago.
Though I saw it is on the roadmap, Boxbilling had it, adding it crashes the running FOSSBilling install
You mean this one?
It's 5 years old, not sure if it'll even work inside of BoxBilling anymore. But due to the significant work we have done, most things written for BoxBilling are incompatible with FOSSBilling and need to be ported to it to handle the breaking changes we have made. We won't provide support for anything originally written for BoxBilling, but if you know how to program you can use our changelog to see what breaking changes have been made and attempt to update it.
Most likely, only the 0.5.0 breaking changes matter for this.
Though I saw it is on the roadmap
Not sure where you saw it on the roadmap. We have a list of ones the community has requested, however that's in no way a commitment to implement all of them. That's there to help keep track of them and ideally make it easier to judge which ones would have the greatest effect if we did implement one.
I also was under the impression I could have any 'marketing' website and WHMCS or it's equivalent would plug into some pages to do the interface between registrar, Cpanel and my website. Looking at the installation I did (in crashed state right now) it seems everything runs from FOSSBilling. Did I get that right or am I missing something?
There are a few ways to embed FOSSBilling in a separate website.
Open option is to use the included "embed" module, however this relies on features such as iFrames and is to the best of my knowledge, somewhat clunky and incomplete.
The other two options are:
- Build a new theme for FOSSBilling (complex, time consuming)
- On your main website, give a direct link to the product inside of FOSSBillng. For example:
https://billing.example.com/order/2. These links are available for all products by going to their "links" tab.
Hopefully that clears things up for you and answered all your questions.