Configuration

All configurable data is placed in config.php. If this file does not exist something went wrong during installation. This file only needs to contain the parameters you want to change from their corresponding default values.

If a directive is missing from your file, you can just add another line within the file. This file is for over-writing the defaults; if you wish to use the default value there's no need to add a directive.

You should assume that any configuration directives that were generated by the installation routine of Wolf CMS are required to be there or have no default value for some reason.

Warning

Mac users should note that if you are on a version before Mac OS X, PHP does not seem to like Mac end of lines character (\r). So ensure you choose the option that allows to use the *nix end of line character (\n) in your text editor before saving a modified config.php.

Using clean URLs

The default installation of Wolf CMS generates a question mark in the URLs it generates. This is for compatibility purposes, so Wolf CMS will run on almost any HTTP server by default.

However, most people (and search engines) don't really like this question mark. You can disable/remove the question mark after you installed Wolf CMS.

By default, Wolf CMS supports Apache. Other HTTP servers are supported based on user input.

Important

You must carry out both the "General actions" as well as the additional instructions for your specific web server (Apache, Lighttpd, Nginx, etc.).

General actions

The following actions should always be executed in order for Wolf CMS to use clean urls.

  1. Temporarily add write permissions to the config.php file and edit it.
  2. Change the value of the USE_MOD_REWRITE setting to true.
  3. Save the file and remove the write permissions again.
  4. Apply the directions for your specific HTTP server. See rewrite.

After applying the directions, test out the change by going to the root of your website. You should no longer see the question mark.

Basic settings


define('DB_DSN', ...)

Type: string
Default: generated

Contains the complete connection string required for Wolf CMS to connect to it's database. This string is generated based on the selections you made during the installation phase.


define('DB_USER', ...)

Type: string
Default: generated

The username required to connect to the database. This string is generated based on the selections you made during the installation phase.


define('DB_PASS', ...)

Type: string
Default: generated

The username required to connect to the database. This string is generated based on the selections you made during the installation phase.


define('TABLE_PREFIX', ...)

Type: string
Default: generated

The prefix that should be used when creating and referencing database tables. This string is generated based on the selections you made during the installation phase.


Server connectivity settings


define('URL_PUBLIC', ...)

Type: string
Default: generated

The full HTTP URL to your Wolf CMS installation. This values is used throughout the software and it's plugins to reference various URLs. Only change this value if you are absolutely sure what you're doing.


define('USE_MOD_REWRITE', ...)

Type: boolean
Default: false

Change this setting to enable the use of mod_rewrite. When set to true, Wolf CMS tries to remove the "?" in the URL. For this to succeed, a correct set of rewrite rules will have to be configured.

Additionally, to enable mod_rewrite, you must also change the name of _.htaccess in your root directory to .htaccess.


define('URL_SUFFIX', ...)

Type: string
Default: .html

This option allows you to add a default suffix to your page URLs to, for example, simulate static pages.


Generic settings


define('ADMIN_DIR', ...)

Type: string
Default: admin

The name of the HTTP path, also known as a virtual directory, that your site's administration section lives behind.


define('DEFAULT_TIMEZONE', ...)

Type: string
Default: generated

Sets in which timezone your installation lives. For more information on the available timezones, see http://php.net/timezones


define('USE_POORMANSCRON', ...)

Type: boolean
Default: false

Whether or not to use a so-called web bug to run CRON runs when users visit your site. If your site does not get any hits, the poorman's cron run will never take place.


define('POORMANSCRON_INTERVAL', ...)

Type: integer
Default: 3600 (60 minutes)

The minimum amount of time in seconds between two CRON runs when using the poorman's cron option.


define('COOKIE_LIFE', ...)

Type: integer
Default: 1800 (30 minutes)

The amount of time in seconds that a logged in session remains valid.


define('ALLOW_LOGIN_WITH_EMAIL', ...)

Type: boolean
Default: false

Whether or not previously registered users can login using their registered email address.


define('CHECK_UPDATES', ...)

Type: boolean
Default: true

Whether or not Wolf CMS will check if there are updates for itself or any of its plugins.


define('CHECK_TIMEOUT', ...)

Type: integer
Default: 3

The number of seconds before the check for updates times out in case of problems.


Security settings


define('USE_HTTPS', ...)

Type: boolean
Default: false

Whether or not to use HTTPS for the administration section of your website. Before enabling this, please make sure you have a working HTTP + SSL installation.


define('COOKIE_HTTP_ONLY', ...)

Type: boolean
Default: false

Whether or not to use a so-called HttpOnly1 authentication cookie instead of a unprotected one. This requests browsers to make the cookie only available through HTTP, so not javascript for example. There is no guarantee the browser honors the request, but OWASP recommends using it. Defaults to false for backwards compatibility.

Note

This option will default to true in future releases.


define('DELAY_ON_INVALID_LOGIN', ...)

Type: boolean
Default: true

Whether or not Wolf CMS should temporarily block login attempts to an account in case invalid login attempts occurred.


define('DELAY_ONCE_EVERY', ...)

Type: integer
Default: 30

The amount of time in seconds that Wolf CMS should block login attempts to an account for after invalid login attempts occurred.


define('DELAY_FIRST_AFTER', ...)

Type: integer
Default: 3

The number of invalid login attempts to an account that are permitted before Wolf CMS starts to (temporarily) block further login attempts.


define('SECURE_TOKEN_EXPIRY', ...)

Type: integer
Default: 900 (15 minutes)

The amount of time in seconds before a security token, otherwise known as an CSRF token, is no longer deemed valid. If a user tries to undertake an action, like saving a page, after the token has expired, the system will display an Invalid CSRF token.. message.

Simply re-attemting the same action will allow the user to continue.

Warning

The CSRF token is considered a very important feature to help protect against hackers stealing a user's session information and abusing that account. We strongly advise not setting this value too high.


Debug & Development settings

Danger

These settings might have huge effect on performance or security.


define('DEBUG', ...)

Type: boolean
Default: false

Defines whether or not Wolf CMS should produce error messages for debugging issues.


Footnotes