General Config Settings
Craft comes with a bunch of config settings that give you control over various aspects of its behavior.
All config settings should be placed within the array() in your craft/config/general.php file.
For example, if you want to enable Dev Mode and set Craft to use uncompressed JavaScript files, your array would look like this:
return array(
'devMode' => true,
'useCompressedJs' => false,
);
Here is the definitive list of config settings you can add:
# General
# appId
Accepts: A string
Default: null
Since: Craft 2.2
The application ID, which is used for things like storing data caches and user sessions. If it’s not set, Craft will automatically generate one based on the server path. Setting it will help avoid the loss of data caches and user sessions when Craft is deployed using a deployment script that will store Craft in an inconsistent location, such as Capistrano. If you are using a load-balanced environment, make sure you use the same appId value for every server in the cluster.
'appId' => 'lannister',
# cacheDuration
Accepts: A string set to any valid PHP interval specification, or 0 if you wish to cache data indefinitely.
Default: 'P1D' (one day)
Since: Craft 1.0
The length of time Craft will store data caches. Also used by the {% cache %} template tag if no expiration time is specified as a parameter.
'cacheDuration' => 'P1W',
# cacheMethod
Accepts: 'apc', 'db', 'eaccelerator', 'file', 'memcache', 'redis', 'wincache', 'xcache', or 'zenddata'
Default: 'file'
Since: Craft 2.0
The method Craft will use to store data caches.
'cacheMethod' => 'memcache',
Note that this config setting has no effect on the {% cache %} template tag, which always stores its data in the database.
The DB, file, Memcache(d), and Redis cache methods each have their own additional config settings, which must be set in separate config files in the craft/config/ folder (dbcache.php, filecache.php, memcache.php and rediscache.php, respectively). You can find their default values in craft/app/etc/config/defaults/.
# customAsciiCharMappings
Accepts: An array of key-value pairs mapping character codes to lower ASCII strings
Default: array() (an empty array)
Since: Craft 1.0
Any custom ASCII character mappings.
This array is merged into the default mapping array in Craft\StringHelper::getAsciiCharMap() (opens new window).
The keys should be the HTML decimal code equivalent of the character to search for and the value is the ASCII character used for swapping.
For example, the code for Æ is 198. See sites like Website Builders (opens new window) to look up additional codes.
'customAsciiCharMappings' => array(
198 => 'AE',
216 => 'O',
197 => 'A',
),
# defaultCookieDomain
Accepts: A string
Default: ''
Since: Craft 2.2
The default domain name Craft will use when sending cookies to the browser. If it is left blank, Craft will leave it up to the browser to decide – which will be whatever the current request’s domain name is.
'defaultCookieDomain' => '.my-project.tld',
# defaultSearchTermOptions
Accepts: An array of key-value pairs
Default: array('attribute' => null, 'exact' => false, 'exclude' => false, 'subLeft' => false, 'subRight' => false)
Since: Craft 2.5
The default options Craft will apply to all search terms when searching for elements.
The array can contain the following keys;
attribute(string) – The element attribute the search term should apply to (e.g.'title'). (Overridden if the search term in the actual query begins withsomeAttribute:.)exact(boolean) – Whether the search term should be an exact match to the attribute’s value. (Only applicable whenattributeis set, or the search term in the actual query begins withsomeAttribute:.)exclude(boolean) – Whether the search results should exclude results where the search term is a match.subLeft(boolean) – Whether to accept partial matches on keywords that have additional characters before the search term.subRight(boolean) – Whether to accept partial matches on keywords that have additional characters after the search term.
'defaultSearchTermOptions' => array(
'subLeft' => true,
'subRight' => true,
),
# devMode
Accepts: true or false
Default: false
Since: Craft 1.0
Determines whether the system is in Dev Mode or not. (See What Dev Mode Does (opens new window) for more info.)
'devMode' => true,
Dev Mode should never be enabled in production environments.
# defaultWeekStartDay
Accepts: A number from 0 to 6 (where 0 represents Sunday and 6 represents Saturday)
Default: 0 (Sunday)
Since: Craft 2.5
The number representing the default Week Start Day preference value for new users.
# environmentVariables
Accepts: An array of key-value string pairs
Default: array() (an empty array)
Since: Craft 1.1
An array of environment-specific variables which can be accessed as tags within URL and Path settings. (See multi-environment-configs for more info.)
'environmentVariables' => array(
'baseAssetUrl' => '//my-project.tld/',
'baseAssetPath' => './',
),
# isSystemOn
Accepts: true, false, or null
Default: null
Since: Craft 2.1
Overrides the “System Status” setting in Settings → General if set to true or false.
'isSystemOn' => false,
# logDumpMethod
Accepts: A valid method name, callable, or function.
Default: 'var_export'
Since: Craft 2.3
A callable or function which will be used to dump context information. This setting will get passed directly to CLogFilter::$dumper (opens new window).
'logDumpMethod' => 'print_r',
# overridePhpSessionLocation
Accepts: true, false, 'auto', or the path to a custom session save path
Default: false
Since: Craft 1.0
Determines whether Craft should override PHP’s session storage location to your craft/storage/ folder, or save session files in a custom location.
When set to true, Craft will override the location; false will tell Craft to leave the location alone and let PHP store the session where it was configured to.
When set to 'auto', Craft will check the default session location to see if it contains “😕/”, indicating that it might be stored with Memcache or the like. If it does, Craft will leave it alone; otherwise Craft will override it.
'overridePhpSessionLocation' => 'tcp://127.0.0.1:1234',
If you are saving PHP session files to a custom location using memcache (or something similar), you still need to tell PHP about it (opens new window) from Craft’s index.php in your public HTML folder.
ini_set('session.save_handler', 'memcached');
# phpMaxMemoryLimit
Accepts: An integer setting the number of bytes, or a string set to a valid PHP shorthand byte value (opens new window)
Default: '256M' (256 MB)
Since: Craft 1.0
The maximum amount of memory Craft will try to reserve during memory intensive operations such as zipping, unzipping and updating.
'phpMaxMemoryLimit' => '512M',
# phpSessionName
Accepts: A string of alphanumeric characters
Default: 'CraftSessionId'
Since: Craft 2.4
The name of the PHP session cookie Craft will use. (This value will get passed to session_name() (opens new window)).
'phpSessionName' => 'PHPSESSID',
# runTasksAutomatically
Accepts: true or false
Default: true
Since: Craft 2.3.2632
Whether Craft should run pending background tasks automatically over HTTP requests, or leave it up to something like a Cron job to call index.php/actions/tasks/runPendingTasks at a regular interval.
This setting should be disabled for servers running Win32, or with Apache’s mod_deflate/mod_gzip installed, where PHP’s flush() (opens new window) method won’t work.
If disabled, an alternate task running trigger must be set up separately. For example, this Cron command would trigger a task runner once every minute:
*/1 * * * * /usr/bin/curl --silent --compressed http://my-project.tld/index.php?p=actions/tasks/runPendingTasks
# sameSiteCookieValue
The SameSite (opens new window) value that should be set on Craft cookies, if any.
This can be set to 'Lax', 'Strict', or null.
This setting requires PHP 7.3 or later.
# sanitizeSvgUploads
Accepts: true or false
Default: true
Since: Craft 2.6.2984
Whether Craft should sanitize uploaded SVG files and strip out potentially malicious looking content. Should definitely be enabled if you are accepting SVG uploads from untrusted sources.
# sendPoweredByHeader
Accepts: true or false
Default: true
Since: Craft 2.4
Whether the X-Powered-By: Craft CMS header should be sent along with each request.
'sendPoweredByHeader' => false,
# siteName
Accepts: A string, or an array that maps locale IDs to locale-specific strings.
Default: null
Since: Craft 2.3
Your site’s name. If this is set, it will take precedence over the Site Name setting in Settings → General.
'siteName' => array(
'en' => 'On the Rocks',
'es' => 'Con Hielo'
),
# siteUrl
Accepts: A string set to any valid URL, or an array that maps locale IDs to locale-specific URLs
Default: null
Since: Craft 2.0
Your site’s URL. If this is set, it will take precedence over the Site URL setting in Settings → General, as well as the CRAFT_SITE_URL constant, if set.
This is the recommended way to set the site URL on multi-lingual sites, as it gives Craft a way of knowing the correct URLs it should point localized entries/categories to.
'siteUrl' => array(
'en' => 'http://my-project.com/',
'de' => 'http://my-project.de/'
),
# timezone
Accepts: A string set to a valid PHP timezone (opens new window).
Default: null
Since: Craft 2.3
The system timezone. If this is set, it will take precedence over the Timezone setting in Settings → General.
'timezone' => 'America/Los_Angeles',
# translationDebugOutput
Accepts: true or false
Default: false
Since: Craft 1.0
Tells Craft whether to surround all strings that are ran through Craft::t() or the |translate filter with “@” symbols, to help find any strings that are not being translated.
'translationDebugOutput' => true,
# useCompressedJs
Accepts: true or false
Default: true
Since: Craft 1.0
Tells Craft whether to use compressed JavaScript files whenever possible, to cut down on page load times.
'useCompressedJs' => false,
# useWriteFileLock
Accepts: true or false, or 'auto'
Default: 'auto'
Since: Craft 2.0
Whether to grab an exclusive lock on a file when writing to it by using the LOCK_EX flag.
Some file systems, such as NFS, do not support exclusive file locking.
When set to 'auto', Craft will automatically try to detect if the underlying file system supports exclusive file locking and cache the results.
'useWriteFileLock' => true,
# useXSendFile
Accepts: true or false
Default: false
Since: Craft 1.0
Whether Craft should use XSendFile to serve files when possible.
'useXSendFile' => true,
# Security
# csrfTokenName
Accepts: A string
Default: 'CRAFT_CSRF_TOKEN'
Since: Craft 2.2
The name that Craft should give CSRF cookies, and which getCsrfInput() will give to the input it returns, if CSRF Protection (opens new window) is enabled.
'csrfTokenName' => 'CSRF',
# defaultFilePermissions
Accepts: A valid PHP file permission mode (opens new window)
Default: 0664
Since: Craft 2.2
The permissions Craft will use when creating a new file on the file system.
'defaultFilePermissions' => 0744,
# defaultFolderPermissions
Accepts: A valid PHP file permission mode (opens new window)
Default: 0775
Since: Craft 1.0
The default permissions Craft will use when creating a new folder on the file system.
'defaultFolderPermissions' => 0744,
# defaultTokenDuration
Accepts: A string set to any valid PHP interval specification (opens new window)
Default: 'P1D' (one day)
Since: Craft 2.1
The default duration that system tokens should last for.
'defaultTokenDuration' => 'P1W',
# enableCsrfProtection
Accepts: true or false
Default: false
Since: Craft 2.2
Whether CSRF Protection (opens new window) should be enabled for the site.
'enableCsrfProtection' => true,
This setting is set to true by default in Craft 3.0.
# preventUserEnumeration
Accepts: true or false
Default: false
Since: Craft 2.6.2848
Prevents “Forgot Password” forms from revealing whether a valid email address was entered, so even if the email was invalid, a “Password reset email sent” message will be displayed.
'preventUserEnumeration' => true,
# tokenParam
Accepts: A string set to any valid query string parameter name
Default: 'token'
Since: Craft 2.1
The query string parameter name that Craft should use for system tokens.
'tokenParam' => 't',
# useSslOnTokenizedUrls
Accepts: true, false, or 'auto'
Default: 'auto'
Since: Craft 2.6.2793
Whether tokenized URLs (email verification links, entry draft sharing links, etc.) should begin with https. When set to 'auto', https will be used if either the base site URL or the current URL have https.
'useSslOnTokenizedUrls' => true,
# useSecureCookies
Accepts: true, false, or 'auto'
Default: 'auto'
Since: Craft 2.3.2639
Whether Craft should set the secure flag on its cookies, limiting them to only be sent on secure (SSL) requests.
If this is set to 'auto', it will resolve to true or false depending on whether the current request is secure.
# validateUnsafeRequestParams
Accepts: true or false
Default: false
Since: Craft 2.6.2945
If set to true, the following request parameters will need to be hashed to ensure they weren’t tampered with:
- all
redirectparameters - possibly third-party plugin parameters
'validateUnsafeRequestParams' => true,
To hash a value from a Twig template, you can pass it through the |hash filter. For example:
<input type="hidden" name="redirect" value="{{ 'my-page'|hash }}">
Enabling this will prevent certain Denial of Service (DoS) attack vectors. As an added benefit, Twig will no longer operate in Safe Mode when otherwise-unsafe input values.
# validationKey
Accepts: String
Default: null
Since: Craft 2.5
Overrides the auto-generated secure validation key used to verify that hashed values have not been tampered with.
This should be set on load-balanced environments, or servers where the craft/storage/runtime folder is purged on a regular basis. If you are going to set this, make sure to set it to a private, random, cryptographically secure key. In a load-balanced environment, make sure you use the same key on all servers in the cluster.
'validationKey' => '6#AYD6jW6nUJ3GMfreeXcPTGmBu.V*3Fi?f',
I know what you’re thinking… “I’ll just copy the key they used in their example and use it as my own.” Don’t do that. Use a tool like https://www.grc.com/passwords.htm (opens new window) to generate a cryptographically secure key just for yourself!
# Updates
# allowAutoUpdates
Accepts: true, 'minor-only', 'build-only', or false
Default: true
Since: Craft 2.0
If set to true, all Craft updates will be auto-updatable.
If set to 'minor-only', then only minor updates and build updates will be auto-updatable; if a new major version comes out, the Updates page will only have a “Download” button, not an “Updates” button.
If set to 'build-only', then only build updates will be auto-updatable; if a new major or minor version comes out, the Updates page will only have a “Download” button, not an “Updates” button.
If set to false, no updates will be auto-updatable.
'allowAutoUpdates' => 'minor-only',
# backupDbOnUpdate
Accepts: true or false
Default: true
Since: Craft 1.0
Whether Craft should backup the database when updating. This applies to both auto and manual updates.
'backupDbOnUpdate' => false,
# restoreDbOnUpdateFailure
Accepts: true or false
Default: true
Since: Craft 1.0
Whether Craft should attempt to restore the just-created DB backup in the event that there was an error making the database schema changes mandated by the update.
'restoreDbOnUpdateFailure' => false,
# showBetaUpdates
Accepts: true or false
Default: false
Since: Craft 2.4.2688
Whether Craft should show Beta updates on the Updates page, when available.
'showBetaUpdates' => true,
# URLs
# actionTrigger
Accepts: A string set to any valid URI segment
Default: 'actions'
Since: Craft 1.0
The URI segment Craft should look for when determining if the current request should first be routed to a controller action.
'actionTrigger' => 'ACT',
# addTrailingSlashesToUrls
Accepts: true or false
Default: false
Since: Craft 2.0
Whether dynamically-generated URLs should include a trailing slash.
'addTrailingSlashesToUrls' => true,
# allowUppercaseInSlug
Accepts: true or false
Default: false
Since: Craft 2.1
Whether uppercase letters should be allowed in entry and category slugs. Note that this will not affect whether auto-generated slugs have uppercase letters (they won’t).
'allowUppercaseInSlug' => true,
# baseCpUrl
Accepts: A string or null
Default: null
Since: Craft 2.1
Explicitly sets the base URL to the control panel, which may be used if the dynamically-determined URL is not desired for some reason.
'baseCpUrl' => 'http://cms.my-project.tld/',
# cpTrigger
Accepts: A string set to any valid URI segment
Default: 'admin'
Since: Craft 1.0
The URI segment Craft should look for when determining if the current request should route to the control panel rather than the front-end site.
'cpTrigger' => 's3cret',
# limitAutoSlugsToAscii
Accepts: true or false
Default: false
Since: Craft 2.2
Limits automatically-generated slugs to ASCII characters. When there is an obvious ASCII version of a character (e.g. ñ → n), it will be used. Other characters will be removed.
'limitAutoSlugsToAscii' => true,
# maxSlugIncrement
Accepts: A positive integer
Default: 100
Since: Craft 2.2
The maximum number of increments Craft will apply to a slug while searching for one that will result in an element having a unique URL, before giving up and throwing an error.
'maxSlugIncrement' => 200,
# omitScriptNameInUrls
Accepts: true, false, or 'auto'
Default: 'auto'
Since: Craft 1.0
Whether Craft should omit the script filename currently being used to access Craft (e.g. index.php) when generating URLs.
When set to 'auto', Craft will do its best to determine whether the server is set up to support index.php redirects (opens new window), and cache the test’s results for 24 hours.
'omitScriptNameInUrls' => true,
# pageTrigger
Accepts: A URI-safe string, or a query string parameter name
Default: 'p'
Since: Craft 1.0
The string preceding a number which Craft will look for when determining if the current request is for a particular page in a paginated list of pages.
'pageTrigger' => 'page/',
If you would prefer for the page number to be specified as a query string parameter, begin the config setting value with a ?, followed by the desired parameter name.
'pageTrigger' => '?page',
Note that ?p cannot be used here, as Craft already uses a p query string parameter to determine the requested path.
# resourceTrigger
Accepts: A string set to any valid URI segment
Default: 'cpresources'
Since: Craft 1.0
The URI segment Craft should look for when determining if the current request should route to a resource file, either in craft/app/resources/ or a plugin’s resources/ folder.
'resourceTrigger' => 'assets',
The default resourceTrigger value changed in Craft 2.0. In Craft 1.x it was 'resources'.
# slugWordSeparator
Accepts: A URI-safe string
Default: '-' (a dash)
Since: Craft 2.0
The string Craft should use to separate words when generating entry/category slugs.
'slugWordSeparator' => '_',
# usePathInfo
Accepts: true, false, or 'auto'
Default: 'auto'
Since: Craft 1.0
Whether Craft should specify the path using PATH_INFO or as a query string parameter when generating URLs that include index.php. (See Enabling PATH_INFO (opens new window) for more info.)
'usePathInfo' => true,
# Templating
# cacheElementQueries
Accepts: true or false
Default: true
Since: Craft 2.2
Whether element queries should be recorded when the cache tag is doing its thing. If this is set to false, it will be up to you to clear caches manually when making changes that would result in an element showing up within a {% cache %} tag where it would not have before (such as creating new entries).
This will also prevent the “Deleting stale template caches” background task from running each time an element is saved.
'cacheElementQueries' => false,
# defaultTemplateExtensions
Accepts: An array of strings identifying the file extensions
Default: array('html', 'twig')
Since: Craft 1.1
The template file extensions Craft will look for when matching a template path to a file on the front end. (Also see indexTemplateFilenames.)
'defaultTemplateExtensions' => array('html', 'htm', 'xhtml'),
# enableTemplateCaching
Accepts: true or false
Default: true
Since: Craft 2.4
Whether template caching via the cache tag should be enabled.
'enableTemplateCaching' => false,
# errorTemplatePrefix
Accepts: A string
Default: ''
Since: Craft 2.0
The path prefix to HTTP error code templates, like 404.html.
'errorTemplatePrefix' => "_errors/",
# indexTemplateFilenames
Accepts: An array of strings identifying the filenames (sans extensions)
Default: array('index')
Since: Craft 1.1
The template filenames Craft will look for within a directory to represent the directory’s “index” template when matching a template path to a file on the front end. (Also see defaultTemplateExtensions.)
'indexTemplateFilenames' => array('index', 'default'),
# privateTemplateTrigger
Accepts: A string
Default: '_'
Since: Craft 2.0
The prefix that can be placed before a template folder/filename to forbid direct HTTP traffic to it.
'privateTemplateTrigger' => "."
# suppressTemplateErrors
Accepts: true or false
Default: false
Since: Craft 2.5
Controls whether or not to show or hide any Twig template runtime errors that occur on the site in the browser. If it is set to true, the errors will still be logged to Craft’s log files.
'suppressTemplateErrors' => true
# Users
# activateAccountFailurePath
Accepts: A string set to any valid URI, or an array that maps locale IDs to locale-specific URIs
Default: null
Since: Craft 1.2
The URI Craft should redirect to when user front-end account activation fails. Note that this only affects front-end site requests.
'activateAccountFailurePath' => 'members/activation-failed',
# activateAccountSuccessPath
Accepts: A string set to any valid URI, or an array that maps locale IDs to locale-specific URIs
Default: null
Since: Craft 2.3
The URI Craft should redirect to when a user is activated. Note that this only affects front-end site requests.
'activateAccountSuccessPath' => 'members/activation-success',
# autoLoginAfterAccountActivation
Accepts: true or false
Default: false
Since: Craft 2.1
Configures Craft to automatically log users in immediately after they’ve activated their accounts.
'autoLoginAfterAccountActivation' => true,
If your site allows public registration and users aren’t required to verify their email addresses, this setting will take effect immediately after new users register their accounts.
# blowfishHashCost
Accepts: An integer
Default: 13
Since: Craft 1.2
The higher the cost value, the longer it takes to generate a password hash and to verify against it. Therefore, higher cost slows down a brute-force attack.
For best protection against brute force attacks, set it to the highest value that is tolerable on production servers.
The time taken to compute the hash doubles for every increment by one for this value. For example, if the hash takes 1 second to compute when the value is 14 then the compute time varies as 2^(value - 14) seconds.
'blowfishHashCost' => 14,
# cooldownDuration
Accepts: A string set to any valid PHP interval specification (opens new window)
Default: 'PT5M' (five minutes)
Since: Craft 1.0
The amount of time a user must wait before re-attempting to log in after their account is locked due to too many failed login attempts.
Set to false to keep the account locked indefinitely, requiring an admin to manually unlock the account.
'cooldownDuration' => false,
# defaultCpLanguage
Accepts: A string of a locale ID, or null
Default: null
Since: Craft 2.4
The default language that the control panel should be rendered in, for users that haven’t specified their Preferred Locale.
'defaultCpLanguage' => 'en',
# deferPublicRegistrationPassword
Accepts: true or false
Default: false
Since: Craft 2.6.2949
When set to true, public user registration forms will no longer need to include a password input. Users will have the opportunity to set their password after verifying their email address, if “Verify email addresses?” is enabled in Settings → Users → Settings.
'deferPublicRegistrationPassword' => true,
# elevatedSessionDuration
Accepts: A string set to any valid PHP interval specification (opens new window) or false
Default: 'PT5M' (Five minutes)
Since: Craft 2.6.2784
The amount of time a user’s elevated session will last, which is required for some sensitive actions (e.g. user group/permission assignment).
Elevated Sessions functionality can be disabled entirely by setting this to false. We don’t recommend actually doing this unless you have a good reason to!
# invalidLoginWindowDuration
Accepts: A string set to any valid PHP interval specification (opens new window)
Default: 'PT1H' (one hour)
Since: Craft 1.0
The amount of time to track invalid login attempts for a user, for determining if Craft should lock an account.
'invalidLoginWindowDuration' => 'PT10M',
# invalidUserTokenPath
Accepts: A string set to any valid URI, or an array that maps locale IDs to locale-specific URIs
Default: '' (an empty string)
Since: Craft 2.3
The URI Craft should redirect to when user token validation fails.
'invalidUserTokenPath' => 'members/invalidtoken',
# loginPath
Accepts: A string set to any valid URI, or an array that maps locale IDs to locale-specific URIs
Default: 'login'
Since: Craft 1.0
The URI Craft should use for user login on the front-end.
'loginPath' => 'members/login',
# logoutPath
Accepts: A string set to any valid URI, or an array that maps locale IDs to locale-specific URIs
Default: 'logout'
Since: Craft 1.0
The URI Craft should use to log out users on the front-end of the site.
'logoutPath' => 'members/logout',
# maxInvalidLogins
Accepts: Any integer, or false
Default: 5
Since: Craft 1.0
The number of invalid login attempts Craft will allow within the specified duration before the account gets locked. If it is set to 0 or false, Craft will not enforce any maximum (not recommended on production).
'maxInvalidLogins' => false,
# postCpLoginRedirect
Accepts: A string
Default: 'dashboard'
Since: Craft 2.2
The path that users should be redirected to after logging in from the control panel.
This setting will also come into effect if the user visits the control panel’s Login page when they are already logged in, or the control panel’s root URL (e.g. /admin).
'postCpLoginRedirect' => 'entries',
# postLoginRedirect
Accepts: A string
Default: '' (An empty string, which will give you the site homepage)
Since: Craft 2.2
The URL or path that users should be redirected to after logging in from the front-end site.
This setting will also come into effect if the user visits the site’s Login page (as specified by loginPath) when they are already logged in.
'postLoginRedirect' => 'members/home',
# purgePendingUsersDuration
Accepts: A string set to any valid PHP interval specification (opens new window), or false to disable the feature
Default: false
Since: Craft 2.1
The amount of time to wait before Craft purges pending users from the system that have not activated. Set to false to disable this feature. Note that if you set this to a time interval, then any content assigned to a pending user will be deleted as well when the given time interval passes.
'purgePendingUsersDuration' => 'P1M',
# rememberUsernameDuration
Accepts: A string set to any valid PHP interval specification (opens new window)
Default: 'P1Y' (1 year)
Since: Craft 1.0
The amount of time Craft will remember a username and pre-populate it on the control panel login page.
Set to false to disable this feature altogether.
'rememberUsernameDuration' => false,
# rememberedUserSessionDuration
Accepts: A string set to any valid PHP interval specification (opens new window)
Default: 'P2W' (two weeks)
Since: Craft 1.0
The amount of time a user stays logged in if “Remember Me” is checked on the login page.
Set to false to disable the “Remember Me” feature altogether.
'rememberedUserSessionDuration' => false,
# requireMatchingUserAgentForSession
Accepts: true or false
Default: true
Since: Craft 1.0
Whether Craft should require a matching user agent string when restoring a user session from a cookie.
'requireMatchingUserAgentForSession' => false,
# requireUserAgentAndIpForSession
Accepts: true or false
Default: true
Since: Craft 1.0
Whether Craft should require the existence of a user agent string and IP address when creating a new user session.
'requireUserAgentAndIpForSession' => false,
# setPasswordPath
Accepts: A string set to any valid template, or an array that maps locale IDs to locale-specific templates
Default: 'setpassword'
Since: Craft 1.0
The URI and template path that Craft should use for user password resetting. Note that this only affects front-end site requests, and Password Reset emails will only use this setting for users that don’t have access to the control panel.
'setPasswordPath' => array(
'en' => 'password',
'de' => 'passwort'
),
# setPasswordSuccessPath
Accepts: A string set to any valid template, or an array that maps locale IDs to locale-specific templates
Default: ''
Since: Craft 1.1
The URI and template path that Craft should use upon successfully setting a users’s password. Note that this only affects front-end site requests.
'setPasswordSuccessPath' => array(
'en' => 'password/success',
'de' => 'passwort/erfolg'
),
# testToEmailAddress
Accepts: A string set to a valid email address, or an array of email addresses.
Default: null
Since: Craft 1.0
Configures Craft to send all system emails to a single email address (or multiple email addresses), for testing purposes.
'testToEmailAddress' => 'me@domain.tld',
# useEmailAsUsername
Accepts: true or false
Default: false
Since: Craft 2.1
Removes “Username” fields in the control panel, and automatically saves users’ usernames based on their email addresses.
'useEmailAsUsername' => true,
# userSessionDuration
Accepts: false or a string set to any valid PHP interval specification (opens new window)
Default: 'PT1H' (one hour)
Since: Craft 1.0
The amount of time a user stays logged in.
Set to false if you want users to stay logged in as long as their browser is open rather than a predetermined amount of time.
# verificationCodeDuration
Accepts: A string set to any valid PHP interval specification (opens new window)
Default: 'P1D' (one day)
Since: Craft 1.0
The amount of time a user verification code can be used before expiring.
'verificationCodeDuration' => 'P1M',
# Assets
# allowedFileExtensions
Accepts: A string of a comma-separated list of file extensions.
Default: '7z, aiff, asf, avi, bmp, csv, doc, docx, fla, flv, gif, gz, gzip, htm, html, jp2, jpeg, jpg, jpx, js, mid, mov, mp3, mp4, m4a, m4v, mpc, mpeg, mpg, ods, odt, ogg, ogv, pdf, png, potx, pps, ppsm, ppsx, ppt, pptm, pptx, ppz, pxd, qt, ram, rar, rm, rmi, rmvb, rtf, sdc, sitd, svg, swf, sxc, sxw, tar, tgz, tif, tiff, txt, vob, vsd, wav, webm, wma, wmv, xls, xlsx, zip'
Since: Craft 1.0
A list of file extensions that Craft will allow when a user is uploading files. Note that if you only want to add additional file extensions, without overriding the default extensions, you can use extraAllowedFileExtensions instead.
'allowedFileExtensions' => 'jpg, jpeg, png, gif',
# convertFilenamesToAscii
Accepts: true or false
Default: false
Since: Craft 2.4
Whether Craft should convert any non-ASCII characters in uploaded filenames to ASCII.
'convertFilenamesToAscii' => true,
# defaultImageQuality
Accepts: A numeric value between 1 and 100, 1 being the lowest quality and smallest file size, and 100 being the highest quality and largest file size
Default: 82
Since: Craft 1.1
The default quality Craft will use when creating image transforms. Note that this can be overridden on a per-transform basis.
'defaultImageQuality' => 90,
# extraAllowedFileExtensions
Accepts: A string of a comma-separated list of file extensions.
Default: ''
Since: Craft 2.0
A list of additional file extensions that Craft will allow when a user is uploading files, which will get appended to the list specified by allowedFileExtensions.
'extraAllowedFileExtensions' => 'log',
# filenameWordSeparator
Accepts: A string or null
Default: '-' (a dash)
Since: Craft 2.2
The string that should replace spaces in filenames after a file has been uploaded. If it is set to null, spaces will be left alone.
'filenameWordSeparator' => '_',
# generateTransformsBeforePageLoad
Accepts: true or false
Default: false
Since: Craft 2.1
Configures Craft to generate new image transforms right when getUrl() is called, rather than when the browser first requests the image.
'generateTransformsBeforePageLoad' => true,
# imageDriver
Accepts: 'gd', 'imagick', or null
Default: null
Since: Craft 2.2
Forces Craft to use a specific image manipulation library.
'imageDriver' => 'gd',
# maxCachedCloudImageSize
Accepts: An integer
Default: 2000
Since: Craft 1.2
The maximum size in pixels (length or width) Craft should use when caching images from external sources, which it uses to speed up transform generation. Set to 0 if you don’t want Craft to cache them at all.
'maxCachedCloudImageSize' => 2880,
# maxUploadFileSize
Accepts: An integer
Default: 16777216 (16MB)
Since: Craft 2.1
The maximum file size (in bytes) Craft should allow users to upload.
'maxUploadFileSize' => 33554432,
# preserveCmykColorspace
Accepts: true or false
Default: false
Since: Craft 2.6.3016
Whether images with CMYK colorspace should retain it. If false, images will be converted to sRGB colorspace.
Setting this to true will leave CMYK colorspace with images that have it. This will only have effect if Imagick is in use.
# preserveExifData
Accepts: true or false
Default: false
Since: Craft 2.6.2993
Whether the EXIF data should be preserved when manipulating images. Setting this to false will reduce the image size a little bit, but all EXIF data will be cleared. This setting is only taken into account if Imagick is in use.
# preserveImageColorProfiles
Accepts: true or false
Default: true
Since: Craft 2.5
Whether the embedded color profiles should be preserved when uploading an image.
'preserveImageColorProfiles' => false,
# rotateImagesOnUploadByExifData
Accepts: true or false
Default: true
Since: Craft 2.3
Whether Craft should rotate images according to their EXIF data on upload.
This setting takes effect when images are uploaded with an “Orientation” entry in their EXIF data, which informs Craft that the image was taken by a camera while it was held sideways. When the setting is enabled, Craft will look for that EXIF entry on images as they’re uploaded, and if present, automatically rotate the image accordingly and strip out that Orientation entry.
'rotateImagesOnUploadByExifData' => true,
# transformGifs
Accepts: true or false
Default: true
Since: Craft 2.6.3016
Tells Craft whether GIF files should be transformed or cleansed. Defaults to true.
'transformGifs' => false,
# Tags
# allowSimilarTags
Accepts: true or false
Default: false
Since: Craft 2.6.2791
Whether Craft should allow multiple tags to exist with names that would be identical if converted down to ASCII (e.g. Protéines, Proteines).
'allowSimilarTags' => true,