The configuration file
This guide is incomplete. Please help us complete it using the "Edit this page" button in the sidebar. Thanks!
Configuration file for FOSSBilling
The configuration file can be found under /config.php. You can adjust the configuration file based on your preferences. You can also find the example config file with some documentation here (opens in a new tab).
Configuration Parameters
The following configuration parameters are available for customizing FOSSBilling:
Security Options
These configuration options allow you to configure the security options inside of FOSSBilling. The default values are recommended unless they are causing issues.
security.mode
: Sets the security mode. Available options arestrict
(default) orregular
.security.force_https
: Determines whether to force HTTPS connections. Set totrue
to force HTTPS (recommended) orfalse
to allow HTTP connections.security.cookie_lifespan
: Sets the lifespan of the session cookie in seconds. The default value is7200
(2 hours).
Salt
salt
: This key is actually used as an encryption key when FOSSBilling needs to perform reversable encryption.
Installation URL
url
: Sets the full URL where FOSSBilling is installed, including the trailing slash.
Admin Area URL Prefix
admin_area_prefix
: Sets the URL prefix to access the FOSSBilling admin area. For example, set it to/admin
forhttps://example.com/admin
.
Debugging
debug
: Enables or disables displaying advanced debugging messages. It is recommended to keep this disabled (false
) unless you are debugging issues.
Automatic Updater
update_branch
: Configures the update branch for the automatic updater. Currently acceptable options are"release"
or"preview"
.
Stacktrace Configuration
log_stacktrace
: Enables or disables stacktraces when an exception is thrown (requiresdebug
to be enabled).stacktrace_length
: Specifies the maximum length of the stacktrace.
Maintenance Mode
maintenance_mode.enabled
: Enables or disables the system maintenance mode. When enabled, it blocks public access to your website, and API endpoints except the allowed ones won't work.maintenance_mode.allowed_urls
: Specifies URLs that are not blocked during maintenance. Supports wildcard matching.maintenance_mode.allowed_ips
: Specifies IP/Subnet addresses that are not blocked during maintenance.
Automatic Cron Execution
disable_auto_cron
: Disables the fallback automatic cron execution when logging into the admin panel.
Default Localization
These configuration options allow you to configure the default localization settings.
i18n.locale
: Sets the default locale. The default value isen_US
.i18n.timezone
: Sets the default timezone. The default value isUTC
.i18n.date_format
: Sets the default date format. Available options arenone
,short
,medium
, andlong
.i18n.time_format
: Sets the default time format. Available options arenone
,short
,medium
, andlong
.i18n.datetime_pattern
: Specifies a custom pattern for formatting date and time.
Data Storage and Logging
path_data
: Sets the location to store sensitive data.path_logs
: Sets the path to the application log file. (The parameter isn't properly respected by the entire application)log_to_db
: Enables or disables logging to the database.
Database Configuration
db.type
: Specifies the database type. The default value ismysql
.db.host
: Specifies the database hostname. (Usually127.0.0.1
orlocalhost
).db.name
: Specifies the name of the database for FOSSBilling.db.user
: Specifies the database username.db.password
: Specifies the database password.db.port
: Specifies the database port. The default value is3306
.
Twig Configuration
twig.debug
: Enables or disables Twig debugging. Set totrue
to enable Twig debug mode.twig.auto_reload
: Enables or disables Twig auto-reloading templates.twig.cache
: Sets the cache directory for Twig templates.
API Configuration
api.require_referrer_header
: Determines whether all requests made to the API must have the referrer request header with the same URL as the FOSSBilling installation.api.allowed_ips
: Specifies the IP addresses that are allowed to access the API. An empty array allows all IPs.api.rate_span
: Sets the time span for rate limiting in seconds.api.rate_limit
: Sets the maximum number of requests allowed per time span.api.throttle_delay
: Specifies the throttling delay in seconds when the rate limit is reached.api.rate_span_login
: Sets the time span for rate limiting login requests in seconds.api.rate_limit_login
: Sets the maximum number of login requests allowed per time span.api.CSRFPrevention
: Enables or disables the usage of a token to protect the system from CSRF attacks.