FE - frontend configuration¶
The following configuration variables can be used to configure settings for the TYPO3 frontend:
Note
The configuration values listed here are keys in the global PHP array
$GLOBALS
.
This variable can be set in one of the following files:
addAllowedPaths¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['add Allowed Paths'] -
- Type
- list
- Default
- ''
Additional relative paths (comma-list) to allow TypoScript resources be in. Should be prepended with /. If not, then any path where the first part is like this path will match. That is myfolder/ , myarchive will match for example myfolder/, myarchive/, myarchive_one/, myarchive_2/ ...
No check is done to see if this directory actually exists in the root of the site. Paths are matched by simply checking if these strings equals the first part of any TypoScript resource filepath.
(See class template, function init() in
\TYPO3\
)CMS\ Core\ Typo Script\ Parser\ Typo Script Parser
debug¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['debug'] -
- Type
- bool
- Default
- false
If enabled, the total parse time of the page is added as HTTP response header
X-
. This can also be enabled/disabled via the TypoScript optionTYPO3- Parsetime config.
.debug = 0
compressionLevel¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['compression Level'] -
- Type
- int
- Default
- 0
Determines output compression of FE output. Makes output smaller but slows down the page generation depending on the compression level. Requires zlib in your PHP installation. Range 1-9, where 1 is least compression and 9 is greatest compression. true as value will set the compression based on the PHP default settings (usually 5). Suggested and most optimal value is 5.
pageNotFoundOnCHashError¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['page Not Found On CHash Error'] -
- Type
- bool
- Default
- true
If TRUE, a page not found call is made when cHash evaluation error occurs, otherwise caching is disabled and page output is displayed.
addRootLineFields¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['add Root Line Fields'] -
- Type
- list
- Default
- ''
Comma-list of fields from the pages-table. These fields are added to the select query for fields in the rootline.
checkFeUserPid¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['check Fe User Pid'] -
- Type
- bool
- Default
- true
If set, the pid of fe_user logins must be sent in the form as the field pid and then the user must be located in the pid. If you unset this, you should change the fe_users username eval-flag uniqueInPid to unique in $TCA.
This will do
$TCA
[fe_ users] [columns] [username] [config] [eval]= nospace,lower,required,unique;
loginRateLimit¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['login Rate Limit'] -
- Type
- int
- Default
- 5
Maximum amount of login attempts for the time interval in [FE][loginRateLimitInterval], before further login requests will be denied. Setting this value to
"0"
will disable login rate limiting.
loginRateLimitInterval¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['login Rate Limit Interval'] -
- Type
- string, PHP relative format
- Default
- '15 minutes'
- allowedValues
- '1 minute', '5 minutes', '15 minutes', '30 minutes'
Allowed time interval for the configured rate limit. Individual values using PHP relative formats can be set in
Additional
.Configuration. php
loginRateLimitIpExcludeList¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['login Rate Limit Ip Exclude List'] -
- Type
- string
- Default
- ''
IP-numbers (with
*
-wildcards) that are excluded from rate limiting. Syntax similar to [BE][IPmaskList]. An empty value disables the exclude list check.
lockIP¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['lock IP'] -
- Type
- int
- Default
- 0
- allowedValues
- 1 0 Default Do not lock Frontend User sessions to their IP address at all 1 Use the first part of the visitors IPv4 address (for example "192.") as part of the session locking of Frontend Users 2 Use the first two parts of the visitors IPv4 address (for example "192.168") as part of the session locking of Frontend Users 3 Use the first three parts of the visitors IPv4 address (for example "192.168.13") as part of the session locking of Frontend Users 4 Use the visitors full IPv4 address (for example "192.168.13.84") as part of the session locking of Frontend Users (highest security)
If activated, Frontend Users are locked to (a part of) their public IP (
$_
) for their session, if REMOTE_ADDR is an IPv4-address. Enhances security but may throw off users that may change IP during their session (in which case you can lower it). The integer indicates how many parts of the IP address to include in the check for the session.SERVER [REMOTE_ ADDR] Have also a look into the security guidelines.
lockIPv6¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['lock IPv6'] -
- Type
- int
- Default
- 0
- allowedValues
- 1 0 Default: Do not lock Backend User sessions to their IP address at all 1 Use the first block (16 bits) of the editors IPv6 address (for example "2001") as part of the session locking of Backend Users 2 Use the first two blocks (32 bits) of the editors IPv6 address (for example "20010db8") as part of the session locking of Backend Users 3 Use the first three blocks (48 bits) of the editors IPv6 address (for example "20010db885a3") as part of the session locking of Backend Users 4 Use the first four blocks (64 bits) of the editors IPv6 address (for example "20010db885a308d3") as part of the session locking of Backend Users 5 Use the first five blocks (80 bits) of the editors IPv6 address (for example "20010db885a308d31319") as part of the session locking of Backend Users 6 Use the first six blocks (96 bits) of the editors IPv6 address (for example "20010db885a308d313198a2e") as part of the session locking of Backend Users 7 Use the first seven blocks (112 bits) of the editors IPv6 address (for example "20010db885a308d313198a2e0370") as part of the session locking of Backend Users 8 Use the visitors full IPv6 address (for example "20010db885a308d313198a2e03707344") as part of the session locking of Backend Users (highest security)
If activated, Frontend Users are locked to (a part of) their public IP (
$_
) for their session, if REMOTE_ADDR is an IPv6-address. Enhances security but may throw off users that may change IP during their session (in which case you can lower it). The integer indicates how many parts of the IP address to include in the check for the session.SERVER [REMOTE_ ADDR]
loginSecurityLevel¶
Deprecated since version 11.3
This option got removed with version 11.3. The only possible
value has been 'normal'. This behaviour stays unchanged. When this option
has been set in your Local
or Additional
files, they are automatically
removed when accessing the admin tool or system maintenance area.
lifetime¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['lifetime'] -
- Type
- int
- Default
- 0
If greater then 0 and the option permalogin is greater or equal 0, the cookie of FE users will have a lifetime of the number of seconds this value indicates. Otherwise it will be a session cookie (deleted when browser is shut down). Setting this value to 604800 will result in automatic login of FE users during a whole week, 86400 will keep the FE users logged in for a day.
sessionTimeout¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['session Timeout'] -
- Type
- int
- Default
- 6000
Server side session timeout for frontend users in seconds. Will be overwritten by the lifetime property if the lifetime is longer.
sessionDataLifetime¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['session Data Lifetime'] -
- Type
- int
- Default
- 86400
If greater then 0, the session data of an anonymous session will timeout and be removed after the number of seconds given (86400 seconds represents 24 hours).
permalogin¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['permalogin'] -
- Type
- text
- Default
- 0
- -1
- Permanent login for FE users is disabled
- 0
- By default permalogin is disabled for FE users but can be enabled by a form control in the login form.
- 1
- Permanent login is by default enabled but can be disabled by a form control in the login form.
- 2
- Permanent login is forced to be enabled.
In any case, permanent login is only possible if [FE][lifetime] lifetime is greater then 0.
cookieDomain¶
-
- Type
- text
- Default
- ''
Same as
$TYPO3_
but only for FE cookies. If empty,CONF_ VARS [SYS] [cookie Domain]<_ typo3Conf Vars_ sys_ cookie Domain> $TYPO3_
value will be used.CONF_ VARS [SYS] [cookie Domain]
cookieName¶
-
- Type
- text
- Default
- 'fe_typo_user'
Sets the name for the cookie used for the front-end user session
cookieSameSite¶
-
- Type
- text
- Default
- 'lax'
- allowedValues
- 1 lax Cookies set by TYPO3 are only available for the current site, third-party integrations are not allowed to read cookies, except for links and simple HTML forms strict Cookies sent by TYPO3 are only available for the current site, never shared to other third-party packages none Allow cookies set by TYPO3 to be sent to other sites as well, please note - this only works with HTTPS connections
Indicates that the cookie should send proper information where the cookie can be shared (first-party cookies vs. third-party cookies) in TYPO3 Frontend.
defaultUserTSconfig¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['default User TSconfig'] -
- Type
- multiline
- Default
- ''
Enter lines of default frontend user/group TSconfig.
defaultTypoScript_constants¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['default Typo Script_ constants'] -
- Type
- multiline
- Default
- ''
Enter lines of default TypoScript, constants-field.
defaultTypoScript_setup¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['default Typo Script_ setup'] -
- Type
- multiline
- Default
- ''
Enter lines of default TypoScript, setup-field.
additionalAbsRefPrefixDirectories¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['additional Abs Ref Prefix Directories'] -
- Type
- text
- Default
- ''
Enter additional directories to be prepended with absRefPrefix. Directories must be comma-separated. TYPO3 already prepends the following directories typo3/, typo3temp/, typo3conf/ext/ and all local storages
enable_mount_pids¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['enable_ mount_ pids'] -
- Type
- bool
- Default
- true
If enabled, the mount_pid feature allowing symlinks in the page tree (for frontend operation) is allowed.
hidePagesIfNotTranslatedByDefault¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['hide Pages If Not Translated By Default'] -
- Type
- bool
- Default
- false
If enabled, pages that have no translation will be hidden by default. Basically this will inverse the effect of the page localization setting "Hide page if no translation for current language exists" to "Show page even if no translation exists"
eID_include¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['e ID_ include'] -
- Type
- array
- Default
- []
- Array of key/value pairs where the key is
tx_
[ext]_ [optional suffix] - and value is relative filename of class to include.
Key is used as "?eID=" for
\TYPO3\
to include the code file which renders the page from that point.CMS\ Frontend\ Http\ Request Handler Request Handler
(Useful for functionality that requires a low initialization footprint, for example frontend Ajax applications)
disableNoCacheParameter¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['disable No Cache Parameter'] -
- Type
- bool
- Default
- false
If set, the no_cache request parameter will become ineffective. This is currently still an experimental feature and will require a website only with plugins that dont use this parameter. However, using "&no_cache=1" should be avoided anyway because there are better ways to disable caching for a certain part of the website (see
COA_
).INT/ USER_ INT<t3tsref: cobj- coa- int>
additionalCanonicalizedUrlParameters¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['additional Canonicalized Url Parameters'] -
- Type
- array
- Default
- []
The given parameters will be included when calculating canonicalized URL
cacheHash¶
cachedParametersWhiteList¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['cache Hash'] ['cached Parameters White List'] -
- Type
- array
- Default
- []
Only the given parameters will be evaluated in the cHash calculation. Example:
$GLOBALS['TYPO3_CONF_VARS']['FE']['cacheHash']['cachedParametersWhiteList'][] = 'tx_news_pi1[uid]';
Copied!
requireCacheHashPresenceParameters¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['cache Hash'] ['require Cache Hash Presence Parameters'] -
- Type
- array
- Default
- []
Configure Parameters that require a cHash. If no cHash is given but one of the parameters are set, then TYPO3 triggers the configured cHash Error behaviour
excludedParameters¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['cache Hash'] ['excluded Parameters'] -
- Type
- array
- Default
- ['L', 'pk_campaign', 'pk_kwd', 'utm_source', 'utm_medium', 'utm_campaign', 'utm_term', 'utm_content', 'gclid', 'fbclid']
- The given parameters will be ignored in the cHash calculation.
- Example:
$GLOBALS['TYPO3_CONF_VARS']['FE']['cacheHash']['excludedParameters'] = ['L','tx_search_pi1[query]'];
Copied!
excludedParametersIfEmpty¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['cache Hash'] ['excluded Parameters If Empty'] -
- Type
- array
- Default
- []
Configure Parameters that are only relevant for the cHash if there's an associated value available. Set excludeAllEmptyParameters to true to skip all empty parameters.
excludeAllEmptyParameters¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['cache Hash'] ['exclude All Empty Parameters'] -
- Type
- bool
- Default
- false
If true, all parameters which are relevant for cHash are only considered if they are non-empty.
enforceValidation¶
New in version 10.4.35/11.5.23
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['cache Hash'] ['enforce Validation'] -
- Type
- bool
- Default
- false (for existing installations), true (for new installations)
If this option is enabled, the same validation is used to calculate a "cHash" value as when a valid or invalid "cHash" parameter is given to a request, even when no "cHash" is given.
Note
The option is disabled for existing installations, but enabled for new installations. It is also highly recommended to enable this option in your existing installations as well.
Details:
Since TYPO3 v9 and the PSR-15 middleware concept, cHash validation has been moved outside of plugins and rendering code inside a validation middleware to check if a given "cHash" acts as a signature of other query parameters in order to use a cached version of a frontend page.
However, the check only provided information about an invalid "cHash" in the query parameters. If no "cHash" was given, the only option was to add a "required list" (global TYPO3 configuration option requireCacheHashPresenceParameters), but not based on the final excludedParameters for the cache hash calculation of the given query parameters.
workspacePreviewLogoutTemplate¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['workspace Preview Logout Template'] -
- Type
- text
- Default
- ''
If set, points to an HTML file relative to the TYPO3_site root which will be read and outputted as template for this message. Example
fileadmin/
.templates/ template_ workspace_ preview_ logout. html Inside you can put the marker
%1$s
to insert the URL to go back to. Use this in<a href="%1$s">Go back...</
links.a>
versionNumberInFilename¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['version Number In Filename'] -
- Type
- dropdown
- Default
- 'querystring'
- allowedValues
- 1 '' "Do not include the version/timestamp of the file at all" 'embed' Include the timestamp of the last modification timestamp of files embedded in the filename - for example
filename.
'querystring' Default - Append the last modification timestamp of the file as query string for example1269312081. js filename.
js?1269312081
Allows to automatically include a version number (timestamp of the file) to referred CSS and JS filenames on the rendered page. This will make browsers and proxies reload the files if they change (thus avoiding caching issues).
IMPORTANT embed requires extra
.htaccess
rules to work (please refer to theroot-
file shipped with TYPO3 inhtaccess typo3/
)sysext/ install/ Resources/ Private/ Folder Structure Template Files
contentRenderingTemplates¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['content Rendering Templates'] -
- Type
- array
- Default
- []
Array to define the TypoScript parts that define the main content rendering.
Extensions like
fluid_
provide content rendering templates. Other extensions likestyled_ content felogin
orindexed search
extend these templates and their TypoScript parts are added directly after the content templates.See
EXT:
andfluid_ styled_ content/ ext_ localconf. php EXT:
frontend/ Classes/ Typo Script/ Template Service. php
ContentObjects¶
-
Content
¶Objects -
- Type
- array
- Path
- $GLOBALS['TYPO3_CONF_VARS']['FE']
- Default
- []
Array to register ContentObjects (cObjects) like
TEXT
orHMENU
withinext_
, seelocalconf. php EXT:
frontend/ ext_ localconf. php
typolinkBuilder¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['typolink Builder'] -
- Type
- array
Matches the LinkService implementations for generating URLs and link texts via typolink. This configuration value can be used to register a custom link builder for the frontend generation of links.
[ 'page' => \TYPO3\CMS\Frontend\Typolink\PageLinkBuilder::class, 'file' => \TYPO3\CMS\Frontend\Typolink\FileOrFolderLinkBuilder::class, 'folder' => \TYPO3\CMS\Frontend\Typolink\FileOrFolderLinkBuilder::class, 'url' => \TYPO3\CMS\Frontend\Typolink\ExternalUrlLinkBuilder::class, 'email' => \TYPO3\CMS\Frontend\Typolink\EmailLinkBuilder::class, 'record' => \TYPO3\CMS\Frontend\Typolink\DatabaseRecordLinkBuilder::class, 'telephone' => \TYPO3\CMS\Frontend\Typolink\TelephoneLinkBuilder::class, 'unknown' => \TYPO3\CMS\Frontend\Typolink\LegacyLinkBuilder::class, ]
Copied!
passwordHashing¶
className¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['password Hashing'] ['class Name'] -
- Type
- string
- Default
\TYPO3\
CMS\ Core\ Crypto\ Password Hashing\ Argon2i Password Hash:: class - allowedValues
- 1
\TYPO3\
Good password hash mechanism. Used by default if available.CMS\ Core\ Crypto\ Password Hashing\ Argon2i Password Hash:: class \TYPO3\
Good password hash mechanism.CMS\ Core\ Crypto\ Password Hashing\ Argon2id Password Hash:: class \TYPO3\
Good password hash mechanism.CMS\ Core\ Crypto\ Password Hashing\ Bcrypt Password Hash:: class \TYPO3\
Fallback hash mechanism if argon and bcrypt are not available.CMS\ Core\ Crypto\ Password Hashing\ Pbkdf2Password Hash:: class \TYPO3\
Fallback hash mechanism if none of the above are available.CMS\ Core\ Crypto\ Password Hashing\ Phpass Password Hash:: class
options¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['password Hashing'] ['options'] -
- Type
- array
- Default
- []
Special settings for specific hashes.
exposeRedirectInformation¶
-
$GLOBALS
¶['TYPO3_ CONF_ VARS'] ['FE'] ['expose Redirect Information'] -
- Type
- bool
- Default
- false
If set, redirects executed by TYPO3 publicly expose the page ID in the HTTP header. As this is an internal information about the TYPO3 system, it should only be enabled for debugging purposes.