Invoice Customers with Payment Gateways including PayPal and Stripe
We offer a turnkey, pre-configured Invoice Ninja deployment stack on Docker, with Portainer for container monitoring & management. Invoice Ninja is a PHP application written with the Laravel framework, which requires many dependencies to deploy properly on your own VPS or cloud server.
Our Dockerized implementation of Invoice Ninja handles all of these dependencies, including nginx, php-fpm, mysql, and crond. It also properly handles persistent data using Docker volumes so you will not lose your data & custom configuration when you update the Docker-Compose stack.
PCI Compliant Payment Pages for your Invoices
Security should be your main concern, especially when deploying an app like Invoice Ninja intended to handle your customers’ personal and financial data. First of all, you should be concerned about PCI compliance if you plan to integrate Invoice Ninja with any of the 40+ supported payment gateways. PCI DSS stands for Payment Card Industry Data Security Standard; it is a set of requirements set out by Visa, Mastercard, AMEX that every merchant must follow to accept credit cards online.
Luckily if you are using a payment gateway such as PayPal, Braintree, or Stripe with Invoice Ninja, none of the payment data covered by PCI DSS (card numbers, expiration dates, CVV code) are stored on your server – simplifying your compliance with PCI requirements. You qualify to fill in the simplified SAQ-A form which has a mere 22 questions compared to the SAQ-D with over 329 questions. PCI compliance can be a huge expense upwards of $10,000/year if you process, store, or transmit card numbers on your own — so you will want to avoid doing so if at all possible.
Nevertheless, it is essential to encrypt your customers’ others personal information, including names, addresses, and contact details while it is being transmitted to your server. Our containerized stack for Invoice Ninja includes an automatically renewing SSL/TLS certificate with a nginx configuration that scores an A+ on both Qualys SSL Test and High-Tech Web’s ImmuniWeb SSL Scan by using ciphers that are compliant with PCI DSS requirements. We also hide server tokens, disable gzip on SSL connections, and enable security features such as HSTS and OCSP stapling to reduce the attack surface on your server. Most payment processors, including Stripe, require you serve the pages of your payment website over HTTPS. Our Invoice Ninja stack forcefully redirects all HTTP requests to HTTPS to comply with this requirement.
Built-In Container Management Dashboard
Another benefit of deploying Invoice Ninja with us is the built-in Portainer dashboard where you can monitor, update & restart your Invoice Ninja containers all from a web-based, graphical user interface. Like the primary application, Portainer is served over a secure connection to prevent intruders from intercepting any passwords and/or tampering with the Docker host to gain root access to your server. You can view the logs for any of the containers at any time to ensure for example, the Invoice Ninja cron jobs are properly firing to send recurring invoices and payment reminders.
Install on Any Cloud Provider Using Containers
The Invoice Ninja stack can be installed on any public cloud provider that uses full or paravirtualization with Linux kernel version 3.10+ to support Docker. Please contact our team about installing Invoice Ninja using Docker on the cloud of your choice, or have us recommend one of our preferred providers to you.