TYPO3 Application context: Development or Production
A TYPO3 instance is often used in different contexts that can adapt to your needs.
You can use the application context to differentiate between different environments / servers.
There are 3 major application context groups:
Development
- To be used during development. Debugging is enabled by default.
Production
- Debugging and deprecation logs are deactivated by default.
Testing
- To be used in automated testing.
You can define arbitrary strings as a subcontext for example Development/
or Production/
.
Setting the application context
If the application context is not set it is Production
by default so that you
don't have to do anything on the production server.
In DDEV you should set the application context to Development/
to enable
debugging and different site configurations for DDEV and your live server.
Create a file called docker-
in your .ddev
path with the following content:
Restart DDEV using
ddev restart
Local development
When you installed TYPO3 with DDEV, DDEV automatically created
a file called config/
for you. This file includes
server settings needed only during development, including:
- A connection to the local database in DDEV
- Configuration of Mailpit to enable debugging of emails
- Image magic configuration so that images can be scaled and edited
- Enabling enhanced error reporting
You should not deploy this file to your production server but create one just for the production server. See section Production environment
Production environment
It is not recommended to put credentials into a file that is kept under version control. However, many other settings should be kept under version control.
We recommend putting all configuration containing credentials into a special
file that is not kept under version control and include it in your
config/
.
Create a file called config/
:
<?php
defined('TYPO3') or die();
$customChanges = [
'BE' => [
'installToolPassword' => 'some encrypted string',
],
'DB' => [
'Connections' => [
'Default' => [
'dbname' => 'my_db',
'host' => 'localhost',
'password' => '<secure password>',
'user' => 'my_db_user',
],
],
],
'SYS' => [
'encryptionKey' => 'replace with generated encryption key',
],
];
Important
Add config/
to your .gitignore
so that it
is never put under version control.
You can now include this file in your
config/
:
<?php
defined('TYPO3') or die();
$customChanges = [
];
$GLOBALS['TYPO3_CONF_VARS'] = array_replace_recursive($GLOBALS['TYPO3_CONF_VARS'], (array)$customChanges);
$file = realpath(__DIR__) . '/credentials.php';
if (is_file($file)) {
include_once($file);
$GLOBALS['TYPO3_CONF_VARS'] = array_replace_recursive($GLOBALS['TYPO3_CONF_VARS'], (array)$customChanges);
}
The following steps are needed for a secure production context:
- Generate a unique encryption key
and put it in
$custom
in yourChanges ['SYS'] ['encryption Key'] config/
.system/ credentials. php - Choose a new install tool password and put its hash into
$custom
.Changes ['BE'] ['install Tool Password'] - Replace the database credentials in the
$custom
section with database credentials for your server.Changes ['DB'] ['Connections'] ['Default']
Further settings important for security can be made directly in the
config/
:
<?php
defined('TYPO3') or die();
$customChanges = [
'BE' => [
'debug' => '0',
],
'FE' => [
'debug' => '0',
],
'SYS' => [
'trustedHostsPattern' => 'SERVER_NAME', // keep this if it is working on your server
'devIPmask' => '127.0.0.1,::1', // localhost oly
'displayErrors' => 0, // Turn off error reporting
],
];
$GLOBALS['TYPO3_CONF_VARS'] = array_replace_recursive($GLOBALS['TYPO3_CONF_VARS'], (array)$customChanges);
$file = realpath(__DIR__) . '/credentials.php';
if (is_file($file)) {
include_once($file);
$GLOBALS['TYPO3_CONF_VARS'] = array_replace_recursive($GLOBALS['TYPO3_CONF_VARS'], (array)$customChanges);
}
Please refer to the security guide in getting started to check which settings are currently recommended for a secure production environment:
Global TYPO3 configuration options
Suggested configurations might change in future security bulletins.
You can put any of the suggested changes into the $custom
array of
your config/
.