Flag files
TYPO3 uses a set of special files known as flag files or indicator files to control and manage low-level configurations, behaviors, and security settings of the system. These files act as triggers that enable or disable specific features or functionalities in TYPO3, often without requiring direct modifications to the core configuration files.
Flag files are typically placed in specific locations within the TYPO3 file system and are usually named in a way that reflects their purpose.
Below is a list of commonly used TYPO3 flag files, along with explanations of their functions and typical use cases.
LOCK_BACKEND
-
- Content
- empty or Uri to forward to
- Location
- var/lock/LOCK_BACKEND
- Legacy Location
- config/LOCK_BACKEND
- Location configuration
$GLOBALS
['TYPO3_ CONF_ VARS'] ['BE'] ['lock Backend File'] - TYPO3 Commands
vendor/
,bin/ typo3 backend: lock vendor/
bin/ typo3 backend: unlock
Changed in version 13.3
The
LOCK_
file is now expected inBACKEND var/
(Composer mode) orlock/ LOCK_ BACKEND config/
(legacy mode) unless otherwise defined inLOCK_ BACKEND $GLOBALS
.['TYPO3_ CONF_ VARS'] ['BE'] ['lock Backend File'] If the file exists in the location specified by
$GLOBALS
or the default and is empty, an error message is displayed when you try to log into the backend:['TYPO3_ CONF_ VARS'] ['BE'] ['lock Backend File'] Warning
Backend access by browser is locked for maintenance. Remove lock by removing the file "var/lock/LOCK_BACKEND" or use CLI-scripts.
# Lock the TYPO3 Backend for everyone including administrators vendor/bin/typo3 backend:lock # Unlock the TYPO3 Backend after it has been locked vendor/bin/typo3 backend:unlock
Copied!This file locks access to the TYPO3 backend. When present, it prevents users from logging into the backend, often used during maintenance or for security reasons.
If the file contains an URI, users will be forwarded to that URI when they try to lock into the backend.
If you want locked backend state to persist between deployments, ensure that the used directory (
var/
by default) is shared between deployment releases.lock The backend locking functionality is now contained in a distinct service class
\TYPO3\
to allow future flexibility.CMS\ Backend\ Authentication\ Backend Locker Use Case: Temporarily restrict backend access to prevent unauthorized changes or when performing critical updates.
FIRST_INSTALL
-
- Content
- empty or arbitrary text file
- Location
- public/FIRST_INSTALL
- Legacy Location
- FIRST_INSTALL
- TYPO3 Commands
vendor/
bin/ typo3 setup
This file initiates the TYPO3 installation process. If the file exists, TYPO3 directs the user to the installation wizard.
Use Case: Automatically initiate the installation process on a fresh TYPO3 setup.
See also: Installing TYPO3.
There is also a console command available to do the first installation:
# Lock the TYPO3 Backend for everyone including administrators vendor/bin/typo3 setup
Copied!
ENABLE_INSTALL_TOOL
-
- Content
- empty or "KEEP_FILE"
- Location
- config/ENABLE_INSTALL_TOOL
- Legacy Location
- typo3conf/ENABLE_INSTALL_TOOL
- TYPO3 Commands
- None
Changed in version 12.2
The location of this file has been changed for Composer-based installations from
typo3conf/
toENABLE_ INSTALL_ TOOL config/
orENABLE_ INSTALL_ TOOL var/
transient/ ENABLE_ INSTALL_ TOOL When this file is set, it allows access to the TYPO3 Install Tool. See also The ENABLE_INSTALL_TOOL file.
var/
transient/ ENABLE_ INSTALL_ TOOL config/
ENABLE_ INSTALL_ TOOL
typo3temp/
var/ transient/ ENABLE_ INSTALL_ TOOL typo3conf/
ENABLE_ INSTALL_ TOOL
Caution
This file should be removed or renamed after use to secure the Install Tool and prevent unauthorized access.
TYPO3 automatically deletes the
ENABLE_
file when you log out of the Install Tool or if the file is older than 60 minutes (expiry time).INSTALL_ TOOL The file can be prevented from being deleted if it contains "KEEP_FILE" as content. In this case it will not be deleted automatically! Only use this feature during local development, for example in DDEV!
This file unlocks the Install Tool, allowing access for configuration and maintenance tasks.
Use Case: Temporarily enable the Install Tool for performing system configurations or updates, then remove the file to re-secure the tool.
If you are working with the helhum/typo3-console there are also console commands available to enable or disable the install tool: