General Configuration

Controls various aspects of Enacts behavior.

Your general configuration options are stored in enact/config/config.php, the config file returns an array that gets merge with the default configurations stored in enact/app/config/enact.php.

For example, to change the control panel slug and timezone return an array like so:

return Array(
    'cpAccessSlug' => '/control/',
    'timezone'  => 'America/Chicago'
);

Below is the full listing of default configuration settings.

devMode #
Acceptstrue or false
Defaultfalse

Whether or not your application is running in Development mode.

'devMode' => true,
cpAccessSlug #
Accepts string
Default/admin/

The control panel access slug. Must begin and end with a slash!

'cpAccessSlug' => '/control/',
sessionKey #
Accepts string
Defaultenact-user

They key user sessions will be stored in.

'sessionKey' => 'site-user',
PHPSessionStorage #
Acceptstrue, false, or string
Defaultfalse

Define how session files should be stored                                                                        
true -  Enact should store it in enact/storage/session.
false -  Use the default server configuration.
string - A valid path to a writable directory on the web server

'PHPSessionStorage' => '/home/user/sessions/',
PHPSessionName #
Accepts string
DefaultEnactSessionID

The key for storing session ids in cookies.

'PHPSessionName' => 'siteSession',
permanentLoginTokenCookieName #
Accepts string
Defaultenact-perm

The name of the cookie used to store the permanent login token of the user, enabling permanent login sessions.

'permanentLoginTokenCookieName' => 'site-perm',
permanentLoginLength #
Accepts integer
Default5184000 - 2 months (60 x 60 x 24 x 60)

The number of seconds the permanent login token should last.

'permanentLoginLength' => 2592000,
maxLoginAttempts #
Accepts integer
Default5

Maximum number of invalid login attempts before maxedLoginAttemptsLockOutSleep seconds must be waited.

'maxLoginAttempts' => 8,
maxedLoginAttemptsLockOutSeconds #
Accepts integer
Default180

After the maxLoginAttempts this many seconds must pass until another login can be attempted again.

'maxedLoginAttemptsLockOutSeconds' => 60,
minPasswordLength #
Accepts integer
Default4

Minimum length passwords must be.

'minPasswordLength' => 6,
minUserNameLength #
Accepts integer
Default4

Minimum length user names and display names must be.

'minUserNameLength' => 6,
paginate #
Accepts string
Default/page/?

the string used to provide paginated URIs, must contain a ? placeholder where the page number will be.

'paginate' => '/p-?',
allowURITrailingSlashes #
Acceptstrue or false
Defaulttrue

Can URI paths have trailing slashes and still match an entry or template?

For example if set to true:

  • /about-us == /about-us/

If false:

  • /about-us != /about-us/
'allowURITrailingSlashes' => false,
directoryIndexFile #
Accepts string
Defaultindex

The template to match when the root of a directory is requested.

For example:

/state/ == enact/template/state/index.html

'directoryIndexFile' => 'root.html',
privateTemplatePrefix #
Accepts string
Default_

A prefix specifying that a template is not allowed to be served publicly as a direct match to a route/URI.

'privateTemplatePrefix' => '.',
errorTemplateDirectory #
Accepts string
Default_errors/

Where HTTP Error code responses are stored, such as 404, or 500.

'errorTemplateDirectory' => '_siteErrors/',
entryDateFormat #
Accepts string
Defaultdddd, mmm dd, yyyy

The default format to display dates in on Entry pages.

Find the formatting rules here: http://amsul.ca/pickadate.js/date/#formatting-rules

'entryDateFormat' => 'mmm dd - yyyy',
entryTimeFormat #
Accepts string
Defaulth:i A

The default format to display times in on Entry pages.

Find the formatting rules here: http://amsul.ca/pickadate.js/time/#formatting-rules

'entryTimeFormat' => 'hA',
timeSelectionInterval #
Accepts integer
Default15

The interval between times when selecting time values.

'timeSelectionInterval' => 30,
momentDateFormat #
Accepts string
Defaultddd MM/DD/YY h:mm A

The format to display dates in admin feeds.

Format rules for moment.js can be found here: http://momentjs.com/docs/#/displaying/format/

'momentDateFormat' => 'MM/DD/YY hA',
redirectDefaultExpiration #
Acceptsnull or string
Defaultnull

The default expiration for redirects.

'redirectDefaultExpiration' => (new DateTime('+3 month'))->format('Y-m-d H:i:s'),
publicDraftPreview #
Acceptstrue or false
Defaulttrue

Should draft previews be made publicly available? Meaning you don't have to have a enact user session going to see them? This is for sharing changes you have done with the outside world, before you actually publish them.

'publicDraftPreview' => false,
useXSendFile #
Acceptstrue or false
Defaultfalse

Should Enact use XSendFile to serve resources that aren't available in the public folder?

'useXSendFile' => true
feedPerPage #
Accepts integer
Default100

The number of results that will be returned per page in admin control panels.

'feedPerPage' => 50,
timezone #
Accepts string
DefaultAmerica/New_York

The system timezone, must be a valid PHP timezone, see http://php.net/manual/en/timezones.php.

'timezone' => 'America/Chicago',
defaultTemplateExtensions #
Accepts string or array
Default['.html','.twig']

When a template is called and doesn't exist, the defined extension(s) will be applied to the template name and searched for.

'defaultTemplateExtensions' => '.html',
forceSecureRequests #
Acceptstrue or false
Defaultfalse

Whether to force all requests to be HTTPS, will redirect any non HTTPS requests with a 301 to the HTTPS page. You must have a valid SSL certificate installed and setup on your server to use HTTPS.   

'forceSecureRequests' => true,
siteDomain #
Accepts string or null
Defaultnull

The domain of the site, if not set the domain will be determined via the $_SERVER['SERVER_NAME'] directive. However, if the constant ENACT_SITE_DOMAIN is defined it will take precedence over either. Do not specify http, the proper protocol will be determined based on the current request. Remember you can force all requests to redirect to https with forceSecureRequests.

'siteDomain' => 'yoursite.com',
includePoweredByHeader #
Acceptstrue or false
Defaulttrue

Include powered by Enact header.

'includePoweredByHeader' => false,
defaultCPLanguage #
Accepts string
Defaulten

The default control panel language to use.

'defaultCPLanguage' => 'es',
userLoginSlug #
Accepts string
Defaultlogin

The slug users login at, should never begin with a slash.

'userLoginSlug' => 'access',
userLogoutSlug #
Accepts string
Defaultlogout

The slug users logout at, should never begin with a slash.

'userLogoutSlug' => 'destroy',
afterLoginRedirectSlug #
Accepts string
Defaultdashboard

The slug to send users to once they have logged in, should never begin with a slash.

'afterLoginRedirectSlug' => 'entry/',
afterLogoutRedirectSlug #
Accepts string
Default login

The slug to send users to once they have logged out, begin the slug with a slash if you want to send users to a non admin control panel slug, such as your custom login page slug.

'afterLogoutRedirectSlug' => '/login',
resetPasswordSlug #
Accepts string
Default reset-password

The slug that is emailed to users when they request a password reset email. Begin it with a slash to indicate that your using a custom password reset page that doesn't exist within the admin control panel.

'resetPasswordSlug' => '/pw-reset',
accountActivationSlug #
Accepts string
Default activate

The slug that is emailed to users when an account is created for them and the admin sends an account activation email. Begin it with a slash to indicate that your using a custom account activation page that doesn't exist within the admin control panel.

'accountActivationSlug' => '/account-activation'
forceSendToEmail #
Accepts null or string
Defaultnull

Force all emails to be sent to specific email address. Can be a string for a single email eg: test@test.com or an array of emails eg: ['test1@test.com','test2@test.com'].

'forceSendToEmail' => 'youremail@domain.com',
assetExtensionWhiteList #
Acceptsnull or array
Defaultnull

Only allow assets with the specified extensions to be uploaded to Enact.

'assetExtensionWhiteList' => ['jpg','jpeg','png'],
assetExtensionBlackList #
Acceptsnull or array
Defaultnull

Don't allow assets with the specified extensions to be uploaded to Enact.

'assetExtensionBlackList' => ['pdf'],
cacheDuration #
Accepts integer
Default600 (10 minutes)

Default seconds to cache data for when using the cache tag.

'cacheDuration' => 3600,
resourceCacheDuration #
Accepts integer
Default2592000 (30 days, dervied by 60 * 60 * 24 * 30)

Default seconds to cache resources (ie javascript, css, images, documents etc) for.

'resourceCacheDuration' => 5184000
maintenanceMode #
Accepts boolean
Defaultfalse

Whether your site is down for temporary maintenance. If true no application logic will be processed, a HTTP 503 response code will be sent along with the message provided by maintenanceMessage.

'maintenanceMode' => true,
maintenanceMessage #
Accepts string
Default<h1>This site is currently under going maintenance.</h1><p>It will be back up shortly.</p>

The message to be displayed when your site is in maintenance mode.

'maintenanceMessage' => 'Sorry for the inconvenience, but were performing some necessary maintenance on the site and will be back up shortly', 
CSRFEnabled #
Accepts boolean
Defaulttrue

Whether Cross Site Request Forgery (CSRF) tokens are enabled and required to perform POST, PUT, and DELETE requests.

'CSRFEnabled' => false,
CSRFTokenName #
Accepts string
DefaultENACT_TOKEN

The name of the CSRF token as used by cookies, and hidden inputs.

'CSRFTokenName' => 'my_csrf_token_name',