All parameters in the Site, System, Server, and Logging tabs of the Global Configuration section in Joomla 4, Joomla 5, and Joomla 6 are stored as variables in the configuration.php file. This article provides a comprehensive table mapping each configuration variable to its corresponding setting name, along with descriptions and accepted values.
Please note:
- The configuration.php file is automatically configured during the Joomla installation process, so many parameters in the Global Configuration section should be left at their default values.
- The configuration.php file has default permissions of 444, meaning the file should be read-only.
- You can modify variable values directly in the configuration file by changing file permissions to 644.
Site
Site Settings
Global Configuration → Site → Site Settings
| Setting | Values | Description |
|---|
Site Name
$sitename |
Text (text field) |
The name of the website, which will be used in various places (e.g., in the page title bar of the administrator panel and on offline pages). |
Frontend Editing
$frontediting |
Modules |
Ability to edit modules and/or menu items in the frontend interface. |
| Modules and Menu Items |
| None |
Default Editor
$editor |
Editor - CodeMirror |
The default visual editor for use on the site. Users can choose their own editor in their profile if the Site Settings for User parameter is enabled in the Users component settings. |
| Editor - TinyMCE |
| Editor - No Editor |
| Third-party plugins |
Default Captcha
$captcha |
Not Selected |
The default CAPTCHA plugin for use on the site. You may need to enter the required information into the CAPTCHA plugin. |
| CAPTCHA - reCAPTCHA |
| CAPTCHA - Invisible reCAPTCHA |
| Third-party plugins |
Default Access Level
$access |
Public |
The default access level for new items. |
| Guest |
| Registered |
| Special |
| Super Users |
| Custom User Group |
Default List Limit
$list_limit |
5-500 |
Sets the default list length in the administrator panel for all users. |
Default Feed Limit
$feed_limit |
5-100 |
Sets the number of content items to display in feeds. |
Feed Email Address
$feed_email |
None |
RSS and Atom feeds contain the author's email address (specified in the Joomla user's Email setting) or the site's email address (specified in the Site Email global setting). |
| Author Email |
| Site Email |
Site Offline
$offline |
Yes |
Determine whether the frontend pages of the site are accessible to visitors. |
| No |
| Settings for Site Offline → Yes |
Offline Image
$offline_image |
Image URL (media manager field) |
The image that will be displayed on the page when the site is offline. |
Offline Message
$display_offline_message |
Hide |
The message is not displayed. |
| Custom Message |
The message uses the value specified in the Custom Message field. |
| Default (from language file) |
The message uses the value from the language variable. |
| Settings for Offline Message → Custom Message |
Custom Message
$offline_message |
Text (textarea) |
The custom message that will be displayed on the offline site page. |
Metadata Settings
Global Configuration → Site → Metadata Settings
| Setting | Values | Description |
|---|
Site Meta Description
$MetaDesc |
Text (textarea) |
The default meta description value to be used on site pages (unless a specific page has its own value). |
Robots
$robots |
index, follow |
Allows search engine robots to index the page and follow links. |
| noindex, follow |
Prevents search engine robots from indexing the page but allows them to follow links. |
| index, nofollow |
Allows search engine robots to index the page but prevents them from following links. |
| noindex, nofollow |
Prevents search engine robots from indexing the page and following links. |
Rights Meta Tag
$MetaRights |
Text (textarea) |
Copyright description to be displayed in the site page HTML markup. |
Author Meta Tag
$MetaAuthor |
Show |
Show or hide the author meta tag in the HTML code of Joomla article pages. |
| Hide |
Generator Meta Tag
$MetaVersion |
Show |
Show or hide the generator meta tag in the site page HTML code, which contains information about the Joomla version being used. |
| Hide |
SEO Settings
Global Configuration → Site → SEO Settings
| Setting | Values | Description |
|---|
Search Engine Friendly URLs
$sef |
Yes |
Enable or disable the Search Engine Friendly (SEF) URL optimization feature. |
| No |
Site Name in Page Titles
$sitename_pagetitles |
None |
Start or end all page titles (the <title> tag) with the site name (e.g., "My Site Name - My Article Title"). |
| Before |
| After |
| Settings for Search Engine Friendly URLs → Yes |
Use URL Rewriting
$sef_rewrite |
No |
Enable or disable the URL rewriting feature to remove the index.php fragment from page URLs. |
| Yes |
Add Suffix to URL
$sef_suffix |
No |
Enable or disable the feature that adds a .html suffix to page URLs depending on the content type. |
| Yes |
Unicode Aliases
$unicodeslugs |
Yes |
Enable if you need Cyrillic characters in URLs (relevant for Cyrillic domains). |
| No |
Aliases will be created by transliterating to Latin characters according to the rules of the default language pack. |
Cookie Settings
Global Configuration → Site → Cookie Settings
| Setting | Values | Description |
|---|
Cookie Domain
$cookie_domain |
Text (text field) |
The domain name for sessions when using cookies. If you need cookies to be valid for subdomains, enter a dot before the domain name. |
Cookie Path
$cookie_path |
Text (text field) |
The path for which the cookie should be valid. |
System
Debug Settings
Global Configuration → System → Debug Settings
| Setting | Values | Description |
|---|
Debug System
$debug |
Yes |
Enable or disable the system debug feature and display diagnostic messages about the site. This parameter is recommended only for finding and fixing errors; it should be disabled on live sites for security reasons. |
| No |
Debug Language
$debug_lang |
Yes |
Enable or disable the language debug feature and display ?? or ** indicators. If no indicators are displayed, the text is likely hard-coded and a language constant needs to be created to solve the problem. |
| No |
| Settings for Debug Language → Yes |
Language Display
$debug_lang_const |
Constant |
Select the language display mode when debugging. |
| Value (text) |
Cache Settings
Global Configuration → System → Cache Settings
| Setting | Values | Description |
|---|
System Cache
$caching |
Disabled |
Standard caching generates the least amount of cache. Progressive caching generates more cache by caching modules. |
| Standard Caching |
| Progressive Caching |
| Settings for System Cache → not Disabled |
Cache Handler
$cache_handler |
File (default) |
The basic caching mechanism is file-based. Cache folders must be writable. |
| Other |
If specific caching modules are available on the server, you can select them. |
Platform Specific Caching
$cache_platformprefix |
No |
Enable if HTML output on mobile devices differs from output on other devices. |
| Yes |
Cache Time (minutes)
$cachetime |
Number |
The maximum time in minutes that a cache file should be stored before being refreshed. |
Path to Cache Folder
$cache_path |
Folder path (text field) |
Specify a writable folder for storing cache files if you do not want to use the /cache/ folder. |
Session Settings
Global Configuration → System → Session Settings
| Setting | Values | Description |
|---|
Session Handler
$session_handler |
Database |
The mechanism by which Joomla identifies a user after they connect to the website. |
| File System |
| Settings for Session Handler → File System |
Session Save Path
$session_filesystem_path |
Folder path (text field) |
If left empty, the /tmp/ temporary files directory will be used. |
Session Lifetime (minutes)
$lifetime |
Number |
Automatically logs out the user after they have been inactive for the specified number of minutes. |
Shared Sessions
$shared_session |
Yes |
Enable or disable the use of shared user sessions for the frontend and administrator panel. This parameter cannot be used if Force HTTPS is set to Administrator. |
| No |
Track Session Metadata
$session_metadata |
Yes |
Enable or disable tracking of user session metadata. If set to Yes, session metadata (including login, ID, and the application they logged into) will be recorded in the database table. If set to No, functions that depend on metadata will be unavailable. |
| No |
| Settings for Track Session Metadata → Yes |
Track Guest Session Metadata
$session_metadata_for_guest |
Yes |
Enable or disable tracking of guest (unregistered user) session metadata. If set to No, only registered user session metadata will be recorded. |
| No |
Server
Server Settings
Global Configuration → Server → Server Settings
| Setting | Values | Description |
|---|
Path to Temp Folder
$tmp_path |
Folder path (text field) |
The path to the directory for storing temporary files (by default, the /tmp/ folder in the site root). |
Gzip Page Compression
$gzip |
Yes |
Enable or disable Gzip page compression to reduce file size and improve site speed metrics. This parameter should be disabled if the feature is already enabled on the server or if conflicts with third-party extensions occur. |
| No |
Error Reporting
$error_reporting |
System Default |
The level of PHP error reporting on the site. This parameter is recommended only for finding and fixing errors; it should be disabled on live sites for security reasons. |
| None |
| Simple |
| Maximum |
Force HTTPS
$force_ssl |
None |
Enable or disable the use of the HTTPS protocol. For this parameter to work, HTTPS must also be enabled on the server or load balancer. If the SSL certificate terminates at the load balancer but the site is served over HTTP, enable the Behind Load Balancer parameter. |
| Entire Site |
| Administrator |
Location Settings
Global Configuration → Server → Location Settings
| Setting | Values | Description |
|---|
Website Time Zone
$offset |
Time zone (dropdown list) |
Select the time zone for displaying correct date and time. Users can choose their own time zone in their profile. |
Web Services Settings
Global Configuration → Server → Web Services Settings
| Setting | Values | Description |
|---|
Enable CORS
$cors |
Yes |
Enable or disable the use of Cross-Origin Resource Sharing (CORS) headers, which allow browser scripts to interact with resources from a different origin. |
| No |
| Settings for Enable CORS → Yes |
Access-Control-Allow-Origin
$cors_allow_origin |
Text field |
Enter the origin addresses to be sent back in response to the preflight request (default: *). |
Access-Control-Allow-Headers
$cors_allow_headers |
Text field |
Enter the headers to be sent back in response to the preflight request (default: Content-Type, X-Joomla-Token). |
Access-Control-Allow-Methods
$cors_allow_methods |
Text field |
Enter the method headers to be sent back in response to the preflight request (default: empty). |
Proxy Settings
Global Configuration → Server → Proxy Settings
Behind Load Balancer
$behind_loadbalancer |
Yes |
Enable or disable the use of a load balancer if the site is behind a load balancer or reverse proxy. Enabling this parameter allows the real IP address of the site user to be obtained and logged in the user actions log. |
| No |
Enable Outbound Proxy
$proxy_enable |
Yes |
Enable or disable the use of an outbound proxy server for accessing resources on the network. |
| No |
| Settings for Enable Outbound Proxy → Yes |
Outbound Proxy Host
$proxy_host |
Text |
Enter the hostname or IP address of the proxy server. |
Outbound Proxy Port
$proxy_port |
Number |
Enter the port number of the proxy server. |
Outbound Proxy Username
$proxy_user |
Text |
Leave empty if your outbound proxy server does not require authentication. |
Outbound Proxy Password
$proxy_pass |
Password |
Enter the password for the outbound proxy server if authentication is required. |
Database Settings
Global Configuration → Server → Database Settings
| Setting | Values | Description |
|---|
Database Type
$dbtype |
MySQLi |
The type of database being used, selected during the installation process. |
| MySQL (PDO) |
| PostgreSQL (PDO) |
Host
$host |
Text |
The database hostname entered during installation (default: localhost). |
Database Username
$user |
Text |
The username for accessing the database, entered during installation. |
Database Password
$password |
Password |
The user password for accessing the database, entered during installation. |
Database Name
$db |
Text |
The name of the database, entered during installation. |
Database Tables Prefix
$dbprefix |
Text |
The prefix used for database tables, generated during installation. |
Connection Encryption
$dbencryption |
Default (server controlled) |
Use the server's default encryption settings. |
| One-way authentication |
Use one-way SSL/TLS authentication for the database connection. |
| Two-way authentication |
Use mutual SSL/TLS authentication for the database connection. |
| Settings for Connection Encryption → One-way authentication |
Verify Server Certificate
$dbsslverifyservercert |
Yes |
Enable or disable verification of the server's SSL certificate. Requires Path to CA File to be specified. |
| No |
| Settings for Verify Server Certificate → Yes |
Path to CA File
$dbsslca |
Text |
The path to the Certificate Authority (CA) file for verifying the server certificate. |
| Settings for Connection Encryption → Two-way authentication |
Path to Private Key File
$dbsslkey |
Text |
The path to the private key file for mutual authentication. |
Path to Certificate File
$dbsslcert |
Text |
The path to the client certificate file for mutual authentication. |
Supported Cipher Suite (optional)
$dbsslcipher |
Text |
Optional: specify a custom cipher suite for the encrypted connection. |
Mail Settings
Global Configuration → Server → Mail Settings
| Setting | Values | Description |
|---|
Send Mail
$mailonline |
Yes |
Enable or disable the ability to send emails from the site. If set to No, the system will not send any notifications (e.g., registration confirmations, password reset emails). |
| No |
| Settings for Send Mail → Yes |
Disable Mass Mail
$massmailoff |
Yes |
Enable or disable the ability for administrators to send mass emails to registered users through the Users component. It is recommended to disable this on large sites to prevent accidental or malicious mass mailing. |
| No |
From Email
$mailfrom |
Email (text field) |
The email address that will appear in the From: field of all outgoing emails. Typically an address like This email address is being protected from spambots. You need JavaScript enabled to view it.. |
From Name
$fromname |
Name (text field) |
The sender name displayed in the From: field of all outgoing emails. Usually the site name, so recipients know who the email is from. |
Reply To Email
$replyto |
Email (text field) |
The email address where replies will be sent if the recipient clicks "Reply." It is recommended to specify a real address monitored by the site administrator. |
Reply To Name
$replytoname |
Name (text field) |
The recipient name displayed in the To: field when replying to an email. Usually matches the sender or administrator name. |
Mailer
$mailer |
PHP Mail |
Select the email sending method. PHP Mail — PHP's built-in mail function (simple, but often limited by hosting). Sendmail — uses the Sendmail program on the server (more reliable). SMTP — sends via an external SMTP server (most reliable, recommended for most sites). |
| Sendmail |
| SMTP |
| Settings for Mailer → Sendmail |
Sendmail Path
$sendmail |
Path (text) |
The path to the Sendmail executable on the server. Typically /usr/sbin/sendmail. Leave empty if unsure — the system will use the default path. |
| Settings for Mailer → SMTP |
SMTP Host
$smtphost |
Hostname (text) |
The address of the SMTP server through which emails will be sent. For example, smtp.gmail.com or your hosting provider's SMTP address. |
SMTP Port
$smtpport |
Number |
The SMTP server port. Typically 25 (no encryption), 465 (SSL/TLS), or 587 (STARTTLS). Check with your provider or in the email service documentation. |
SMTP Security
$smtpsecure |
None |
Select the encryption method for the SMTP connection. None — no encryption (not recommended). SSL/TLS — encryption via SSL or TLS (usually port 465). STARTTLS — encryption via STARTTLS (usually port 587). It is recommended to use SSL/TLS or STARTTLS for security. |
| SSL/TLS |
| STARTTLS |
SMTP Authentication
$smtpauth |
Yes |
Enable or disable authentication on the SMTP server. Most modern SMTP servers require authentication, so it is recommended to set this to Yes. |
| No |
| Settings for SMTP Authentication → Yes |
SMTP Username
$smtpuser |
Username (text) |
The username for authentication on the SMTP server. Usually the full email address (e.g., This email address is being protected from spambots. You need JavaScript enabled to view it.) or the login provided by your host. |
SMTP Password
$smtppass |
Password |
The password for authentication on the SMTP server. Be careful: if you have two-factor authentication enabled, you may need to use an app password instead of your main password. |
Logging
Logging Settings
Global Configuration → Logging → Logging Settings
| Setting | Values | Description |
|---|
Path to Log Folder
$log_path |
Folder path (text field) |
The path to the directory for storing log files (default: /administrator/logs/). Ensure the folder is writable. |
Log Almost Everything
$log_everything |
Yes |
Enable or disable logging of events across all categories, except deprecated API functions. When enabled, all system events will be logged, which is useful for debugging but may generate large log files. |
| No |
Log Deprecated API
$log_deprecated |
Yes |
Enable or disable logging of calls to deprecated API functions. Recommended for developers to track usage of deprecated code in third-party extensions and update them in a timely manner. On live sites, this can be disabled to avoid cluttering the logs. |
| No |
Advanced Settings
Global Configuration → Logging → Advanced Settings
| Setting | Values | Description |
|---|
Log Priorities
$log_priorities |
Multiple selection |
The events that should be recorded in the log file (default: All). |
Log Categories
$log_categories |
Text (text field) |
Category headers for logging (e.g., database, databasequery, database-error, jerror, joomlafailure, update, updater). If left empty, custom logging will be disabled. |
Log Category Mode
$log_category_mode |
Yes |
Activate mode for the list of log categories. |
| No |
configuration.php Variables
There are several variables in the configuration.php file whose values can only be changed by directly editing the file itself.
$live_site |
Site URL |
An optional parameter that can set the canonical URL of the site for the system. Note that if you restore a backup of your site where $live_site points to your live site's URL, the system will redirect to that live site. |
$secret |
Random character string |
A random string generated during the first Joomla installation, used for encrypting data for security purposes. The value of this variable cannot be changed, otherwise you may lose access to the site. |
$helpurl |
Help URL |
The URL of the documentation pages accessed by the system when help requests are made from the administrator panel (the Help button on the toolbar). |
Terms used:
Configuration.php, Frontend, Article, Media Manager, Language constant, Language, Language file, HTML, MySQL, PHP, Authentication, Backup, Cookie, Menu, Redirect
