Feature: #87889 - Configurable TYPO3 backend URL¶
See forge#87889
Description¶
The TYPO3 backend URL is made configurable in order to enable optional
protection against application admin interface infrastructure
enumeration (WSTG-CONF-05). Both, frontend and backend requests are
now handled by the PHP script /index.
to enable virtual admin
interface URLs.
The default TYPO3 backend entry point path /typo3
can be changed by
specifying a custom URL path or domain name in
$GLOBALS
.
This change requires web server adaption. A silent migration and
according documentation for custom web server configurations is added.
A deprecation layer (for non-adapted systems) is in place that rewrites
the server environment variables passed to /typo3/
as if
/index.
was used directly. This layer will be removed in TYPO3 v14.
This change does not take assets into account, only routing is adapted.
That means Composer mode will use assets provided via /_
as before
and TYPO3 classic mode will serve backend assets from /typo3/*
even if
another backend URL is used and configured.
Configure to a specific path¶
$GLOBALS['TYPO3_CONF_VARS']['BE']['entryPoint'] = '/admin';
Now point your browser to https://
to log into the TYPO3
backend.
Configure to use a distinct (sub)domain¶
$GLOBALS['TYPO3_CONF_VARS']['BE']['entryPoint'] = 'https://backend.example.com';
$GLOBALS['TYPO3_CONF_VARS']['SYS']['cookieDomain'] = '.example.com';
Now point your browser to https://
to log into the TYPO3
backend.
Legacy-Free installation¶
The legacy entry point /typo3/
is no longer needed and deprecated in
favor of handling all backend and frontend requests with /index.
. The
entry point is still in place, in case webserver configuration has not been adapted
yet. The maintenance and emergency tool is still available via
/typo3/
in order to work in edge cases like broken web server
routing.
In Composer mode there is an additional opt-out for the installation of the
legacy entrypoint that can be defined in your project's composer.
file:
"extra": {
"typo3/cms": {
"install-deprecated-typo3-index-php": false
}
}
Impact¶
The TYPO3 backend route path is made configurable in order to protected against
application admin interface infrastructure enumeration (WSTG-CONF-05).
Therefore, all requests are handled by the PHP script /index.
in order to
allow for variable admin interface URLs.