SYS - System configuration 

File mode mask for Unix file systems (when files are uploaded/created).

As above, but for folders.

Group for newly created files and folders (Unix only). Group ownership can be changed on Unix file systems (see above). Set this if you want to change the group ownership of created files/folders to a specific group.

This makes sense when the webserver is running on a different user/group to you. Create a new group on your system and add yourself and the webserver user to the group. Now you can safely set the last bit in fileCreateMask/folderCreateMask to 0 (for example 770). Note: the user running your webserver needs to be a member of the group you specify here otherwise there may be errors.

Name of the base site.

Set the default URI scheme. This is used in links if no scheme is set. It can be set to 'https' for the default setting.

This is a "salt" used for encryption, CRC checksums and

validations. You can enter any string here but try to keep it secret.

When changing this value, flush all the caches: A change to this value might invalidate

temporary information, such as URLs mappings.

Restricts the domain name for FE and BE session cookies. When setting the value to ".example.org" (replace example.org with your domain!), login sessions will be shared across subdomains. Alternatively, if you have more than one domain with sub-domains, you can set the value to a regular expression to match against the domain of the HTTP request. However, this requires that all sub-domains are within the same TYPO3 instance because a session can be tied to only one database.

The result of the match is used as the cookie domain. For example : php:/\.(example1|example2)\.com$/ or /\.(example1\.com)|(example2\.net)$/. Separate domains for FE and BE can be set using $TYPO3_CONF_VARS[FE][cookieDomain] and $TYPO3_CONF_VARS[BE][cookieDomain] respectively.

Regular expression pattern that matches all valid hostnames (including their ports) of this TYPO3 installation, or the string SERVER_NAME (default).

The default value SERVER_NAME checks if the HTTP Host header equals the SERVER_NAME and SERVER_PORT. This is secure in correctly configured hosting environments and does not need further configuration. If you cannot change your hosting environment, you can enter a regular expression here.

Examples:

.*\.example\.org matches all hosts that end with .example.org with all corresponding subdomains.

.*\.example\.(org|com) matches all hostnames with subdomains from .example.org and .example.com.

Be aware that HTTP Host header may also contain a port. If your installation runs on a specific port, you need to explicitly allow this in your pattern, for example example\.org:88 allows only example.org:88, not example.org. To disable this check completely (not recommended because it is insecure) you can use a .* pattern.

See also security guidelines.

Defines a list of IP addresses which allows development output to be displayed. The debug() function will use this as a filter. See the function \TYPO3\CMS\Core\Utility\GeneralUtilitycmpIP() for details on syntax. Setting this to blank value will deny all. Setting to "*" will allow all.

See also security guidelines.

On how to format a date, see PHP function date().

Format of Hours-Minutes - see PHP-function date()

If you provide a warranty for TYPO3 to your customers insert your (company) name here. It will appear in the login dialog as the warranty provider. (You must also set URL below).

Add the URL of the page describing the extent of the warranty provided. This URL is displayed in the login dialog as the place where people can learn more about the conditions of your warranty. Must be set (more than 10 chars) together with the loginCopyrightWarrantyProvider message.

Text file extensions (files that can be edited). Executable PHP files may not be editable if disallowed!

Comma-separated list of file extensions recognized as media files by TYPO3. Must be in lowercase with no spaces in between.

Allows file extensions to be specified that don't belong to either textfile_ext or mediafile_ext, such as zip or xz.

List of absolute paths as search locations for external programs, for example /usr/local/webbin/,/home/xyz/bin/. (ImageMagick paths have to be configured separately)

List of programs separated by newlines or commas. By default, programs will be searched in default paths and the special paths defined by binPath. When PHP has openbasedir enabled, the programs can not be found and have to be configured here.

Example: perl=/usr/bin/perl,unzip=/usr/local/bin/unzip

Memory limit in MB: if more than 16, TYPO3 will try to use ini_set() to set the memory limit of PHP. This works only if the function ini_set() is not disabled by your sysadmin.

Timezone to force for all date() and mktime() functions. A list of supported values can be found at php.net.

If blank, a valid fallback will be searched for by PHP ( date.timezone in php.ini, server defaults, etc). If no fallback is found, the value of "UTC" is used instead.

If set to true, TYPO3 uses UTF-8 to store file names. This allows for accented latin letters as well as other non-latin characters, like Cyrillic and Chinese.

If set to false, filenames containing characters such as umlauts or "special" characters such as Japanese will be renamed to something "safe" when uploaded in the backend.

Locale used for certain system related functions, for example escaping shell commands. If there are problems due to filenames containing special characters, the value of this option is probably wrong. See php function setlocale().

If TYPO3 is behind one or more (intransparent) reverse proxies or load balancers the IP addresses or CIDR ranges must be added here and reverseProxyHeaderMultiValue must be set to first or last.

$GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue'] = 'first';
$GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'] = '192.168.0.0/16';

first

Use the first IP address in the proxy header

last

Use the last IP address in the proxy header

Default

'none'

Position of the authoritative IP address within the X-Forwarded-For header (for example, X-Forwarded-For: 1.2.3.4, 2.3.4.5, 3.4.5.6 uses 1.2.3.4 with first and 3.4.5.6 with last).

Optional prefix to be added to the internal URL (SCRIPT_NAME and REQUEST_URI).

Example: When proxying external.example.org to internal.example.org/prefix this has to be set to prefix

* or a list of IP addresses of proxies that use SSL (https) for the connection to the client, but an unencrypted connection (http) to the server. If * all proxies defined in [SYS][reverseProxyIP] use SSL.

Prefix added to the internal URL (SCRIPT_NAME and REQUEST_URI) when accessing the server via an SSL proxy. This setting overrides [SYS][reverseProxyPrefix].

0

Live: Do not display a PHP error message. Sets display_errors=0. Overrides the value of [SYS][exceptionalErrors] and sets it to 0 (= no errors are turned into exceptions). The configured [SYS][productionExceptionHandler] is used as the exception handler.

1

Debug: Display error messages with the registered [SYS][errorHandler]. Sets display_errors=1. The configured [SYS][debugExceptionHandler] is used as exception handler.

Configures whether PHP errors or exceptions should be displayed, effectively setting the PHP option display_errors during runtime.

See also security guidelines.

Classname to handle exceptions that occur in the TYPO3 code. Leave this empty to disable exception handling. The default exception handler displays a nice error message when something goes wrong. The error message is logged to the configured logs.

Note: The configured "productionExceptionHandler" is used if [SYS][displayErrors] is set to "0" or is set to "-1" and [SYS][devIPmask] does not match the user's IP.

Classname to handle exceptions that occur in the TYPO3 code. Leave empty to disable exception handling. The default exception handler displays the complete stack trace of an exception. The error message and the stack trace are logged to the configured logs.

Note: The configured "debugExceptionHandler" is used if [SYS][displayErrors] is set to "1" or is set to "-1" or "2" and the [SYS][devIPmask] matches the users IP.

Classname to handle PHP errors. This class displays and logs all errors that are registered as [SYS][errorHandlerErrors]. Leave empty to disable error handling. Errors will be logged and can be sent to the developer log (if installed) or to the syslog database table. If an error is registered in [SYS][exceptionalErrors] it will be turned into an exception to be handled by the configured exceptionHandler.

The E_* constants that will be handled by the [SYS][errorHandler]. Not all PHP error types can be handled:

E_USER_DEPRECATED will always be handled, regardless of this setting. Default is 30466 = E_ALL & ~(E_STRICT | E_NOTICE | E_COMPILE_WARNING | E_COMPILE_ERROR | E_CORE_WARNING | E_CORE_ERROR | E_PARSE | E_ERROR) (see PHP documentation).

The E_* constant that will be converted into an exception by the default [SYS][errorHandler]. Default is 4096 = E_ALL & ~(E_STRICT | E_NOTICE | E_COMPILE_WARNING | E_COMPILE_ERROR | E_CORE_WARNING | E_CORE_ERROR | E_PARSE | E_ERROR | E_DEPRECATED | E_USER_DEPRECATED | E_WARNING | E_USER_ERROR | E_USER_NOTICE | E_USER_WARNING) (see PHP documentation).

E_USER_DEPRECATED is always excluded to avoid exceptions being thrown for deprecation messages.

Configures which PHP errors should be logged to the "syslog" database table (extension belog). If set to "0" no PHP errors are logged to the sys_log table. Default is 30711 = E_ALL & ~(E_STRICT | E_NOTICE) (see PHP documentation).

TYPO3 can create .htaccess files which are used by Apache Webserver. They are useful for access protection and performance improvements. Currently, if the files don't exist, they are created from the following directories: typo3temp/compressor/.

You should disable this feature if you are not running Apache or want to use your own rule sets.

Configures if and how IP addresses stored via TYPO3s API should be anonymized ("masked") with a zero-numbered replacement. This is respected within anonymization tasks only, not when creating new log entries.

A list of backend user IDs that are allowed to access the Install Tool

New features of TYPO3 that are activated on new installations (but upgrading installations may still use the old behaviour).

These settings are feature toggles and can be changed in the Backend module Settings in the section Feature Toggles, but not in Configure Installation-Wide Options.

A list of available password hash mechanisms. Extensions may register additional mechanisms here.

Links entered in the TYPO3 backend are stored in an internal format in the database, like t3://page?uid=42. The handlers for the different resource keys (like page in the example) are registered as link handlers.

The TYPO3 Core registers the following link handlers:

• page (see EXT:core/Classes/LinkHandling/PageLinkHandler.php (GitHub))
• file (see EXT:core/Classes/LinkHandling/FileLinkHandler.php (GitHub))
• folder (see EXT:core/Classes/LinkHandling/FolderLinkHandler.php (GitHub))
• url (see EXT:core/Classes/LinkHandling/UrlLinkHandler.php (GitHub))
• email (see EXT:core/Classes/LinkHandling/EmailLinkHandler.php (GitHub))
• record (see EXT:core/Classes/LinkHandling/RecordLinkHandler.php (GitHub))
• telephone (see EXT:core/Classes/LinkHandling/TelephoneLinkHandler.php (GitHub))

Additional link handlers can be added by extensions.

A configuration option to modify the environment check in Admin Tools to incorporate a list of sanctioned disable_functions.

Using this configuration option a system maintainer can add native PHP function names to the list, which are then reported as environment warnings instead of errors.

$GLOBALS['TYPO3_CONF_VARS']['SYS']['allowedPhpDisableFunctions']
    = ['set_time_limit', 'set_file_buffer'];

You can also define this manually in your settings.php file or via Admin Tools > Settings > Configure options.